|Security / Data||org.jaffa.persistence.engines.jdbcengine.security
Data security is designed to allow data visibiliy to be defined per user. This traditionally means each user needs
either (a) a unique database log on or (b) the security logic is implemented in the application layer, not the database
This design uses new security features of Oracle 9i to allow us to still maintain a pool of connections to the database,
but for a give connection allow the database to perform the data visiblity logic.
What is provided by Jaffa is the basic framework for doing data security. This includes the following
- A security class to plug into the JDBCEngine in the persistence layer
- An oracle package to provide the basic functionality in the database
- A policy generation pattern, that can from an XML based policy definition create all the required SQL to
implement the policy.
The following three guides should help you understand the data security architecture is more detail.