A few thoughts: 1. Keep as much of the business logic resident within the database itself as possible. Use PL/SQL, Stored Java, etc... within the database to control the business logic. Restrict all DML operations to only pass through these interfaces. This affords you scalability later on as additional applications/users want to interface with your database data. In the same light, enforce constraints/relationships at the database level, not through application logic.
2. Look at some of Oracle's security products and features such as global application contexts for single sign-on. Also, consider the security schema of your database. For example, While you might not have a need for granular security right now you never know what the future will bring. RF Robert G. Freeman - Oracle OCP Oracle Database Architect CSX Midtier Database Administration Author of several Oracle books you can find on Amazon.com! Londo Mollari: Ah, arrogance and stupidity all in the same package. How efficient of you. � -----Original Message----- Sent: Monday, November 04, 2002 10:09 AM To: Multiple recipients of list ORACLE-L We are heading down the N-tier path, (browser, websphere app server, oracle database). What is the best method to setup this architecture for security and the logic? 1) Should the business logic be physically separate from the data access on the app server? And if yes, where should the data access component reside? (database or app server) How does batch affect the decision? What variables should we be considering when making this decision? 2) How should the database connection be established from the app server to the database? Should it use a generic account on the app server with the password encrypted in a file? In addition, does anybody have any good white papers or urls? Thanks -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Tracy Rahmlow INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Freeman, Robert INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
