Usually when you are developing a new feature or fixing an issue, you want to focus in your business logic. If your application delegates the authentication in some SSO system you usually mocks the response from this last one. However for integration tests, it is nice to be able to test your application against the full SSO cycle, specially if you have to use things like the SAML2 Web Profile.
Virtual Private Databases (VPD) is an Enterprise Edition feature related to security. It restricts the scope of Data Manipulation Language to a subset of the table rows by transparently adding a where clause before executing them. It is also called Row-Level Security (RLS). Where the policy is enabled, it is like having the selected DML (SELECT, INSERT, UPDATE, DELETE) operate on a transcient view. And the predicates for this view can be dynamic and even query tables that the user cannot see.
The purpose of this post is to explain the need of adding encryption to the network communications between containers, and how to achieve it at application level, creating Transport Layer Security (TLS) certificates with the already provided Kubernetes APIs.
Grammatically the title has no much sense, but those were the keywords that I used to type a couple of years ago when I started to work in the integration of our JEE applications into our SSO system.
Maybe you are wondering why a java entry in a databases blog? The answer is simple, at CERN, the Infrastucture and Middleware Services section (aka IMS) is part of the Database Services , and, among many other things, we take care of the Java application servers for our users.
In my previous blog post (http://db-blog.web.cern.ch/blog/szymon-skorupinski/2014-05-migrating-oracle-database-12c-what-do-auditing) I provided you with number of reasons why unified auditing looks very promising and should be seriously considered while migrating to 12c. Nonetheless, I was not talking at all about performance – which also seems to be greatly improved.
If you consider migrating to Oracle Database 12c, no matter if you think of development, testing or production environments, one of many decisions you need to take is to define what to do with the auditing.