> Then how to handle security issues regarding the query and result set, beacuse
> they are embedded in the java code?
create views?
Also, I really have not had to deal with security issues within Oracle
directly because we know who has access to the database and we are not
worried about known users screwing things up. What type of application are
you developing? Are you expecting to give people direct write access that
you don't know (ie: trust)?
If you are doing an e-commerce system, then Oracle should be off another
ethernet card on your unix box (and even behind a firewall if you are really
paranoid) so that there is no way to directly route from the machine running
the servlet engine (and jdbc) to the machine running Oracle.
i hope that helps,
-jon
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
