Help: Best Solution for Auditing??

Hi,
Scenario: We are in the process of implementing a large scale application utilizing BC4J and Struts. Our client has about 100 users on the system daily, they are authenticated at the application tier (username is stored throughout the session in a user object). We will NOT be creating database users for each application user.
Issue: Our database tables have audit columns to monitor who is performing the data manipulation. Each table has an audit trigger that populates the audit columns, but this obviously is meaningless since everyone is connected to the DB under the same user.
Our Current Solution: We have disabled our audit triggers, and we are setting the audit columns equal to the application user at the application tier level. This has been tedious to implement since we have 100s of different classes that perform DML that needed additional setAttribute calls for the audit columns.
Other Solutions???
Thanks in advance,
Andy Hamilton
TUSC

Hi,
Below is a reply I have emailed to Matt last week for anyone who are interested.
Matt,
I think the best is to implement prepareSession in the root app module
and do your own authentication in the middle-tier rather than querying
vo from client. Attached is a copy of app module impl and the login jsp
I used for the test. If you need the tables or the entire bc4j project
I used for this test please let me know. I can zip it up and mail it to
you.
Let me know if this is a workable solution. I still think a custom JAAS
login module is the right solution because it doesn't tie to a
particular business package or application.
Thanks,
Yvonne
Below are the custom application module and LoginPage.jsp I have tested
package mypackage1;
import oracle.jbo.server.ApplicationModuleImpl;
import oracle.jbo.Session;
import oracle.jbo.ViewObject;
import oracle.jbo.JboContext;
import oracle.jbo.JboException;
import java.util.Hashtable;
import oracle.jbo.common.PropertyMetadata;
import oracle.jbo.common.PropertyConstants;
import oracle.jbo.common.CommonMessageBundle;
// --- File generated by Oracle Business Components for Java.
public class Mypackage1ModuleImpl extends ApplicationModuleImpl
* This is the default constructor (do not remove)
public Mypackage1ModuleImpl()
protected void prepareSession(Session session)
super.prepareSession(session);
authenticate(session);
void authenticate(Session session)
Hashtable env = session.getEnvironment();
String userName = (String) env.get(JboContext.SECURITY_PRINCIPAL);
if (userName != null)
ViewObject usersView = getUsersView1();
usersView.setWhereClause("USERID = '" + userName + "'" );
usersView.executeQuery();
if (usersView.hasNext())
System.out.println("Authentication Success");
else
System.out.println("Authentication Failed");
throw new JboException(CommonMessageBundle.class,
CommonMessageBundle.EXC_SECURITY,
new Object[]{env.get(JboContext.SECURITY_PRINCIPAL)});
* Container's getter for DepthistoryView1
public DepthistoryViewImpl getDepthistoryView1()
return (DepthistoryViewImpl)findViewObject("DepthistoryView1");
* Container's getter for UsersView1
public UsersViewImpl getUsersView1()
return (UsersViewImpl)findViewObject("UsersView1");
* Sample main for debugging Business Components code using the tester.
public static void main(String[] args)
launchTester("mypackage1", "Mypackage1ModuleLocal");
<%@ page contentType="text/html;charset=windows-1252"
import="oracle.jbo.http.HttpContainer,oracle.jbo.JboContext"
%>
<%@ taglib uri="/webapp/DataTags.tld" prefix="jbo" %>
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>Login</TITLE>
</HEAD>
<BODY>
<%
// If this is a post request then assume that it is the result
// of a form submit. Attempt to login.
if (request.getMethod().equalsIgnoreCase("POST"))
// Invalidate any previous "am" application SessionCookie
// which may exist for this session.
HttpContainer c = HttpContainer.getInstanceFromSession(session);
c.setSessionCookie("am", null);
// Cache the principal and credentials in the session.
session.setAttribute(JboContext.SECURITY_PRINCIPAL, request.getParameter("username"));
session.setAttribute(JboContext.SECURITY_CREDENTIALS, request.getParameter("password"));
try
%>
<!-- Use the ApplicationModule tag to force a connection attempt. -->
<jbo:ApplicationModule
id="am"
configname="mypackage1.Mypackage1Module.Mypackage1ModuleLocal"
releasemode="Stateful" />
<!-- Immediately release the application module so that the release
mode of this page does not interfere with the release mode of the
page to which we are forwarding. The session cookie will remain
authenticated, and since we are using pooling it should not consume
significant CPU cycles in reacquiring an ApplicationModule instance.
Stateful is also preferred because it does not incur additional
cycles to reset the ApplicationModule state between this page and
the page to which we are forwarding. -->
<jbo:ReleasePageResources appid="am" />
// If login is successful, then forward to the application entry point.
<jsp:forward page="DepthistoryView1_Browse.jsp" />
<%
catch (oracle.jbo.JboException e)
// If login fails, then invalidate the session cookie that was
// implicitly created by the ApplicationModule tag above.
c.setSessionCookie("am", null);
%>
<h2>Login Failed. Please Try Again.</h2>
<%
%>
<table width="300" border="0" cellspacing="2" cellpadding="2">
<form method="post" action="LoginPage.jsp" name="Login">
<tr>
<td align=right valign="middle"><span>Username  </span>
</td>
<td align=left valign="top" colspan="2">
<input name="username" size=15 maxlength="100"> </td>
</tr>
<tr>
<td align=right valign="middle"><span>Password  </span> </td>
<td align=left valign="top">
<input type=password name="password" size=15 maxlength="100"> </td>
<td align="left" valign="middle" width="15%">
<input type="submit" value="Login">
</td>
</tr>
</form>
</table>
</BODY>
</HTML>

Similar Messages

  • I have problems in the initiation of the Encore process when opening presents the following error message : "Encore CS6 Cannot Run in Non-Royalty Serialized".... What is the best solution for this problem ?

    Help Me.
    What is the best solution for this problem ?

    Encore is activated when you activate Premiere Pro... so, as Stan asked, how did you install P-Pro?
    Ask for serial number http://forums.adobe.com/thread/1234635 has a FAQ link
    -and a fix for Encore http://forums.adobe.com/thread/1421765?tstart=0 in reply #7
    -plus more Encore http://helpx.adobe.com/encore/kb/cant-write-image-fie-larger1.html

  • SQL Server 2012 - Wat Is The Best Solution For Creating a Read Only Replicated/AlwaysOn Database

    Hi there I was wondering if someone may have a best recommendation for the following requirement I have with regards setting up a third database server for reporting?
    Current Setup
    SQL Server 2012 Enterprise setup at two sites (Site A & Site B).
    Configured to use AlwaysOn Availability groups for HA and DR.
    Installed on Windows 2012 Servers.
    This is all working and failover works fine and no issues. So…
    Requirement
    A third server needs to be added for the purpose of reporting, to be located on another site (Site C) possibly in another domain. This server needs to have a replicated read only copy of the live database from site A or Site B, whichever is in use. The Site
    C reporting database should be as up-to-date to the Site A or Site B database as possible – preferably within a few seconds anyway….
    Solution - What I believe are available to me
    I believe I can use AlwaysOn and create a ReadOnly replica for the Site C. If so do I assume Site C needs to have the Enterprise version of SQL server i.e. to match Site A & Site B?
    Using log shipping which if I am correct means the Site C does not need to be an Enterprise version.
    Any help on the best solution for this would be greatly appreciated.
    Thanks, Steve

    for always on - all nodes should be part of one windows cluster..if there site C is on different domain - I do not think it works.
    Logshipping works --as long as the sql on site C is is same or higher version(sql 2012 or above).  you can only do read only.
    IMHo, if you can make site C in the same domain then, Always is better solution else log shipping
    also, if your database has enterprise level features such as - partitonin, data compression -- you cannot restore the database on lower editions- so you need to have enterprise edition.
    Hope it Helps!!

  • What is teh best solution for my Problem??

    hello everyone
    i'am planing to develop a Patient Management System (PMS)
    since i 'm not that guru in the J technologies i would like you to get me some help with this decision:
    what is the best solution for developeing an intranet "PMS" which should handles data (connection to postgresql) and runs some algorithm (for planing puropose) im background ??
    1 developeing a web based solution (servlet and jsp and and ..)
    2 developeing an application wich will be manging everything ??? (a kind of programm with its own GUI)
    3 you may have an other idea solution and ill be gald for any advices
    ps sorry for my english its not that great ;)

    Web applications are all the rage these days and IMO rightly so as they greatly reduce deployment cost and headaches.
    They do have some drawbacks though which for you might be important.
    I can imagine that sooner or later (probably sooner in my experience) a requirement to interface with hardware installed on the client machines will emerge.
    Whether this is a barcode scanner or a chipcard reader to get client information from some form of card issued to the client, or maybe a label printer to print out labels for medication bottles doesn't matter, you need to access the client machine directly.
    Web applications have great difficulty with that (in fact, it's all but impossible).
    You could go for an applet solution but that's contrived at best and still leaves the same problems.
    So in your situation an old-fashioned client/server application (maybe using web services to communicate with the serverside application) is likely the best longterm solution.
    You'd have the database remote so everyone has access to the same data, being accessed through processes run on the server and called by the clients. These can also do most of the business logic, leaving the clients relatively dumb responsible mainly for data validation and entry and presentation of the results.

  • Best practice for audit management

    Hi,
    Is there any best practice for audit management in SAP ?

    Hi,
    You can check these links and white papers which explains the business scenarios and best practices
    http://www50.sap.com/businessmaps/9AD1FC0540D0479CA76C4CA1EE9AF668.htm
    http://www.sap.com/solutions/business-suite/erp/brochures/index.epx - "Audit management with SAP software".
    Regards,
    Keerthi

  • What is the best solution for me to run Microsoft Access on my brand new iMAC?  Assume I'm a casual user.

    What is the best solution for me to run Microsoft Access on my brand new iMAC?  Assume I'm a casual user.
    I am lead to believe by some real smart guys on the Apple site that If I have the Apple Store partition my iMAC and add the full suite of Office products on that partition, I can run the few Access programs I have and need to run.
    Comments encouraged.  Thank you in advance for your consideration and help.

    You would have to install Windows, then install Microsoft Office Professional for Windows on it  To install Windows you will have to choose between Boot Camp (faster, free) and a Virtual Machine (simpler, slower, easier to backup)
    You should try LibreOffice (free), it can open Access files, it may not have all Access's feature set though, worth a try.
    www.libreoffice.org

  • What are the best practices for audit report for SharePoint 2013 farm ?

    Hello,
    I am looking for the best practices for audit reporting in SharePoint 2013 farm.Can anyone please provide me checklist/tools/guidelines on same ?
    your help will be much appreciated.
    Thanks and Regards,
    Dipti Chhatrapati

    This is quite open ended question. A sharepoint farm should be well maintained as per :
    1. Microsoft's recommendations on : Topology, Hardware and Software requirements, Operational procedures and most important Capacity guidelines:
    http://technet.microsoft.com/en-us/library/ff758645(v=office.15).aspx
    http://technet.microsoft.com/en-us/library/cc262787(v=office.15).aspx
    2. Organisation's IT policies and procedures : Farm Configuration, Workload and monitoring
    http://technet.microsoft.com/en-us/library/ff758658(v=office.15).aspx
    http://technet.microsoft.com/en-us/library/ee748651(v=office.15).aspx
    3. Industry best practices
    I would suggest to start thinking over these lines and create a plan for your Sharepoint farm.
    You can then create powershell scripts to run these reports at certain frequency to find the changes, any deviation from the standard and health of the entire farm.
    Hope this helps!!
    I LOVE MS..... Thanks and Regards, Kshitiz (Posting is provided "AS IS" with no warranties, and confers no rights.)

  • Best solution for media storage

    Hi Everyone,
    I am looking for suggestions/how-to on the best setup for media storage. We have two editors (and two computers - Mac Pro PowerPC and iMac Intel). We are currently using an internal 500 GB slot on the Mac Pro along with 1 additional external 1.5 TB drive. Then, on our iMac we use a 1.5 TB external drive. We use, for external drives, LaCie.
    Here's our problem. We are running out of space. So, what is the best solution for media storage? Should we get a small rack for our external drives from LaCie and daisy chain them? Or, should we get a server? The only problem I have with a server is connection speed...we, most of the time, have a slow connection at our college.
    p.s. here is a link to LaCie's website listing a rack...and we have the d2 drives. So, do you daisy chain them or plug each one in individually?
    http://www.lacie.com/us/products/product.htm?pid=10172
    Any ideas/thoughts/suggestions are greatly appreciated!!
    Thanks in advance.
    zanm
    Message was edited by: zanfardinom

    Hi Everyone!
    Thank you all for your suggestions. I agree...Drobo looks great, but I am finding more and more bad news when it comes to editing. It looks like a great solution for archiving. I received another solution with great reviews from one of my colleagues contacts. They work for a big company.
    Hope this helps...something else to add to the mix.
    *Our edit suite storage solution is a Facilis Terrablock 24EX unit. (http://www.facilis2.com/24ex.html) It has 18TB of space and is connected on 4GB Fibre channel to both suites. On top of that we have an Apple X-Serve running Final Cut Server that sorts and catalogs all the video we put in so network users (Mac and PC) can search and look at media from their workstations. We just put this in a few months ago. Before that we had a Rorke Data Galaxy HDX with 6TB of space on a 2GB Fibre Channel connection. ( http://www.rorke.com/av/galaxy-hdx.cfm ) It’s now a backup storage unit. Both systems have excellent performance though, we upgraded mostly for space and the server software.*
    Again, thank you all for your help. I will research all suggestions.

  • What is best solution for backup ?

    Our environment consisted of RAC (2 nodes). we are trying to back up our database using RMAN with NetBackup.
    we also have other different databases need to be backed up.
    In RAC case, what is best solution for backing up the database ?
    As I mentioned above, we are using RMAN for backup our RAC with NetBackup.
    Actually, the RMAN is not simple utility for me.
    Is there any other way to back up the database in our situation without rman.
    I need some advice from all of you.
    Thanks in advance.

    Hi Justin
    There are many possible ways to backup your database. You must decide the one that suits your environment.
    Following is the list of options that you have.
    1. Take Online Backups
    Issue this command to freeze tablespaces
    SQL> ALTER TABLESPACE tblspcname BEGIN BACKUP;
    Copy all the files belonging to this tablespace to your backup location using OS commands.
    Release the tablespace by using this command.
    SQL> ALTER TABLESPACE tblspcname END BACKUP;
    To find the data files belonging to a particular tablespace you can issue this statement
    SQL>SELECT file_name, tablespace_name FROM dba_data_files ORDER BY tablespace_name;
    2. If your db size is not BIG then you can take logical backups. Logical Backups can be FULL or incremental. In 10g you can have filesets to spilit your logical backups in more than one file with specified sizes. (By Logical Backups I mean EXPORT).
    To take export for example issue this command.
    ORACLE_HOME\bin\exp file=fullpath+filename.dmp log=fullpath+logfilename.log FULL=Y userid=system/pwd@dbconnectstring
    To get full list of export parameters type
    ORACLE_HOME\bin\exp help=y
    3. RMAN (Strongly recommended) but you ruled out its possibility so I won't elaborate on that.
    4. COLD BACKUP
    To perform this type of backup you will need to shutdown your database by issuing this command.
    SQL>SHUTDOWN IMMEDIATE;
    (On RAC you will need to shutdown all the instances before copying files to the backup location).
    Use OS copy command to copy files to backup location.
    (This method is not recommended as it will flush your SGA and your client will complain about performance for the first few hours).
    Let me know if you need more details.
    Hopefully this helps.
    Rgds
    Adnan

  • The BEST solution for gmail on the iPhone

    OK, so after much poking around, I finally figured out the best solution for using gmail on the iPhone: IMAP support.
    While I think Google is still rolling this out to all users, once you get it, USE IT! It basically keeps your mail app synced with gmail, and even supports the use of folders/labels.
    To see if your gmail account is ready for IMAP, go to the settings option in gmail and see if one of the tabs says "Forwarding and POP/IMAP." If you don't have IMAP available on your account yet, it won't say IMAP.
    Here's some links to get you started:
    setting up IMAP for gmail on your iPhone:
    https://mail.google.com/support/bin/answer.py?answer=77702
    how actions in your mail app sync to gmail:
    https://mail.google.com/support/bin/answer.py?answer=77657
    I hope this helps out everyone as much as it's helped me. I was a little frustrated before using POP, but gotta love IMAP! I'm not too sure the impact that this has on your battery life, but so far it's working well for me. Enjoy!

    Gmail and IMAP have totally change my tune about the iPhone's email abilities. I was getting frustrated with the inability to reliably get mail (Message has not been downloaded...), sync (have to delete mail from both iPhone and desktop Mac), etc., but now I have all my POP email accounts automatically forward to my Gmail account, and I only check Gmail with the iPhone and MacPro. So far, it's a whole new iPhone experience! No more errors - ALL mail comes through perfectly - and no need to manually sync!
    Note that, when setting up the Gmail/IMAP accounts, do NOT simply update your old POP Gmail settings on your Mac or iPhone! Start with a FRESH new account. I couldn't get either the iPhone or Mac to work until I started with a fresh account.
    Also, I was unable to send mail from the iPhone using the smtp.gmail address, so I had changed the outgoing mail setting to use my regular ISP's smtp address. But, at some point (a few minutes later or a few hours, I don't know) when I checked the Gmail settings on the iPhone, it had magically changed itself to smtp.gmail, with the port number, and it has been working perfectly ever since! Maybe IMAP can atomatically correct this info? Not sure.
    One more thing. Once you have Gmail IMAP working, then you MUST go here:
    http://5thirtyone.com/archives/862
    Follow these directions exactly. This is a necessary set of steps in order to make your iPhone and Mac sync correctly, so that trashed mail on the iPhone will go in the trash on your desktop Mac, etc. It's pretty freaky to check email on the iPhone, and then go to your Mac Mail a few minutes later, and see all the newly trashed (or saved/read) emails perfectly synched up!
    A final note. Once this is all working and synching, remember that if you delete an email on your iPhone, it gets deleted on the desktop Mac Mail as well (and vice-versa)... which is exactly what you want to happen, but I find that I have to remember to keep the mail that I want to save on the iPhone's inbox until I get back to my desktop Mac. Otherwise, I have to manually remove it from the trash to save it!

  • TA24002 My 500 GB can't verify nor repair. I have photoshop work that I need to recover. I would like to know which erase option would be the best solution for this problem.

    My 500 GB can't verify nor repair. I have photoshop work that I need to recover. I would like to know what option would be the best solution for this problem?

    You appear to have two issues: 1) a hard drive that is not working properly and 2) files you wish to recover.
    Re 1) you need to answer Kappy's questions.
    Re 2) does the drive load and can you see your photo files? If so can you copy them to another drive?
    Do you not have a backup of the photo files?

  • Best Solution for Archiving Table data

    Hi All,
    I have a table with huge data. It is not partitioned table.
    On an average per day 10000 records will be inserted into this table. Now I want to archive(backup)
    every one years data manually and keep in safe location and hence delete those archived rows
    from the table. Whenever required it should be easily imported back to this table. All this happens through
    Application.
    One appraoch in my mind right now, is transferring the data from table to flat file with comma separted,
    and whenever required again importing back to the table from Flat file using external tables concept.
    Can any body suggest what is best solution for this.
    Thanks

    The best solution would be partitioning.
    Any other solution requires DML - running DELETE and INSERT transactions to remove a data set and to add a data set (if need be) again.
    With partitioning this is achieved (in sub-seconds) using DDL by exchanging a partition's contents with that of a table. Which means that after the archived data has been loaded (SQL*Loaded, Import, etc) into a table (and indexes created), that table (with indexes) is "swapped" into the partition table as a partition.

  • What is the best solution for migrating from Maverick to Yosemite?

    What is the best solution for migrating from Maverick to Yosemite? Anyone have suggestions?

    Back up all data. Update all third-party software to the latest version and remove any you don't need. Download the Yosemite installer from the App Store. Run it.

  • I have searched for solutions to the error 13019, but everyone with the problem doe'st manually manage their music like I do. I really don't want to have to sync and gothrough that mess. Help? solution for manually managing videos and music!!

    I have searched for solutions to the error 13019, but everyone with the problem doesn't manually manage their music like I do. I really don't want to have to sync and go through that mess. Please Help! solution for manually managing videos and music!!

    - Make an appointment at the Genius Bar of an Apple store and hear what they hae to say. It is free.
    Apple Retail Store - Genius Bar                          
    you can turn on Assistive Touch it adds the Power and other buttons to the iPods screen. Settings>General>Accessibility>Assistive Touch

  • Best Solution For Automatic Cache Refresh

    Hello SDN,
            I need to know the best solution for automatic cahe update so that we donot get a runtime cache error in SXI_CACHE.We scheduled SAI_CACHE_REFRESH After every 1 minute, But is it the best solution???
    We need to know if there are better solution than this?
    We have had a look at the "how to Guide on Cache" also.But if we want an automatic refresh after every object is activated whats the best solution.
    It works with this but we want to know if there is a better solution or maybe even an implication on using this, as we did not find any documentation on SAI_REFRESH_CACHE.
    Regards,
    Anirban.

    Sorry, i posted the incorrect name in the later part of my mesage its SAI_CACHE_REFRESH.
    Regards,
    Anirban.

Maybe you are looking for

  • IBOOK - Calibre crashes iTunes on Windows Vista with ePUB

    I got a PDF of a book. It doe snot have any DRM. I then converted to EPub using Calibre. The I use the ePub file genrated an dropped into iTues, and everytime I do it, iTunes crashes..Any suggestions of what may i do Thanks IpAdJunkie

  • Networking issues after a move and upgrade

    I just moved, and did a massive system upgrade, moving over fully to systemd. Everything works fine, except my network seems to crap out after a random period of time (sometimes 2 hours, sometimes 10 minutes, sometimes it stays up for days). ive used

  • One Touch Access - advanced settings

    Hello, Nokia 2700 Classic used as modem for pc. ISP = Vodafone Romania. So far, it works, but rather slow. Please inform me what are the appropriate settings in One Touch Access , manual configuration, in the last field "additional initialization com

  • How to create a class diagram in NetBeans?

    Hi there. Is is possible to create a class diagram from an already created project in netbeans (I know it's backwards)? Cheers.

  • Wheres the OK button in the advanced window in preferences?

    I'm trying to import videos but I need to change settings in the advanced window, I've changed them but I can't find the OK button to save the changes. can anyone help?