如何保证通过Weblogic数据源连接数据库的安全性? — oracle-tech

    Forum Stats

  • 3,708,742 Users
  • 2,241,117 Discussions
  • 7,840,569 Comments

Discussions

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

如何保证通过Weblogic数据源连接数据库的安全性?

通过Weblogic数据源连接到Oracle数据库,应用程序可以不用用户名和密码就可以操作数据库,这样数据库的安全性如何保证?
祥见如下代码:
/*
* xiaolong 2013.06.01
* 通过Weblogic数据源连接数据库:
* 1.添加weblogic.jar
* 2.添加OJDBC6.jar
* 结果:可以连接到数据库,且可以操作数据。
* 结论:通过Weblogic数据源连接数据库如何保证数据安全性?
*/
package com.moonsoft.datasource;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Hashtable;

import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.sql.DataSource;


public class C_0001
{
public static void main(String[] argv)
{
C_0002.F_0001();
}
}

class C_0002
{
public static String FACTORY ="weblogic.jndi.WLInitialContextFactory";
public static String URL = "t3://IP:PORT";
public static String DATASOURCE = "DATASOURCE";

public static Object lookUp() throws NamingException
{
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(InitialContext.INITIAL_CONTEXT_FACTORY, FACTORY);
env.put(InitialContext.PROVIDER_URL, URL);
InitialContext tempContext = new InitialContext(env);
return tempContext.lookup(DATASOURCE);
}
public static Connection getConnection() throws SQLException
{
Connection conn = null;
try
{
DataSource ds = (DataSource) lookUp();
if (ds == null)
{
throw new SQLException("空数据源!");
}
conn = ds.getConnection();
}
catch (NamingException ex)
{
ex.printStackTrace();
}
return conn;
}

public static void Q_0001(Connection conn) throws SQLException
{
String sql_01="select * from t_0001";
Statement stmt=conn.createStatement();
ResultSet rs=stmt.executeQuery(sql_01);
while(rs.next())
{
System.out.println(rs.getString(1)+":"+rs.getString(2));
}
}
public static void Q_0002(Connection conn) throws SQLException
{
String sql_02="delete from t_0001 where id in(3,5,7,9)";
Statement stmt=conn.createStatement();
stmt.executeQuery(sql_02);
}

public static void Q_0003(Connection conn) throws SQLException
{
String sql_03="insert into t_0001 values(999,'xl999')";
Statement stmt=conn.createStatement();
stmt.executeQuery(sql_03);
}

public static void Q_0004(Connection conn) throws SQLException
{
String sql_04="Update T_0001 Set uname='xl9999' where id=1";
Statement stmt=conn.createStatement();
stmt.executeQuery(sql_04);
}

public static void Q_0005(Connection conn) throws SQLException
{
String sql_05="SELECT object_type,object_name FROM USER_OBJECTS WHERE OBJECT_TYPE='TABLE' and rownum<10 ORDER BY OBJECT_NAME";
Statement stmt=conn.createStatement();
ResultSet rs=stmt.executeQuery(sql_05);
int i =0;
while(rs.next())
{
System.out.println(rs.getString(1)+":"+rs.getString(2));
i+=1;
}
System.out.println("对象共计:"+i);
}

public static void F_0001()
{
System.out.print("通过Weblogic数据源连接Oracle数据库...");
try
{
Connection conn=getConnection();
if(conn!=null)
System.out.println("连接成功!");
if(conn ==null)
{
System.out.println("连接失败!");
System.exit(0);
}
Q_0001(conn);
Q_0002(conn);
Q_0003(conn);
Q_0004(conn);
Q_0005(conn);
}
catch(Exception e)
{
e.printStackTrace();
}
System.out.println("End!");
}
}
Tagged:
This discussion has been closed.