Perl Cd Bookshelf [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

Perl Cd Bookshelf [Electronic resources] - نسخه متنی

Mark V. Scardina, Ben ChangandJinyu Wang

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Sitemap

Table of Contents

BackCover

Oracle Database 10g XML & SQL - Design, Build & Manage XML Applications in Java, C, C++ & PL/SQL

Introduction

Part I: Oracle and the XML Standards

Chapter 1: Introducing XML

Well-Formed XML Documents

Valid XML Documents

XML Namespaces

XML and the Database

Database Schema and XML Documents

Summary

Chapter 2: Accessing XML with DOM, SAX, JAXB, and StAX

Accessing XML Using the DOM

Introducing the DOM APIs

Accessing XML with SAX

Accessing XML with Java Binding

Accessing XML with StAX

Best Practices

Chapter 3: Transforming XML with XSLT and XPath

Programmatic Invocation of the XSLT Processor

Navigating XML with XPath

Introducing XSLT Stylesheets

XSL Templates

The XSLT Process Model

Introducing XSLT 2.0

The Oracle XSLT Extensions

The XSLT Virtual Machine

XSLT and the Database

Best Practices

Chapter 4: Validating XML with DTDs and XML Schemas

Validating XML Against DTDs

Introducing the XML Schema Language

Simple and Complex Datatypes

Validating XML with XML Schemas (XSDs)

XML Document Models and the Database

Best Practices

Chapter 5: XML Operations with XQuery

Introducing XQuery

The Oracle XQuery Engine

Querying XML Documents

XQuery and the Oracle Database

Best Practices

Chapter 6: XML Messaging and RPC with SOAP

Using SOAP and the Oracle XDK

Using SOAP and the Oracle Database

Best Practices

Chapter 7: Putting It All Together with XML Pipeline, JSPs, and XSQL

Processing XML with JSPs and XML Beans

Introducing the XSQL Page Publishing Framework

Best Practices

Part II: Oracle XML Management for DBAs

Chapter 8: Getting Started with the Oracle XML Database

A Brief History of XML Support in Oracle Database

Setting Up the Oracle XML Database

What Is the Oracle XML Database?

Oracle XML DB Repository

Oracle Text

XML Database and Standards

Designing the XML Database

Summary

Chapter 9: Storing XML Data

Storing XML Documents in XML Schema - based XMLTypes

Storing XML Documents in Relational Tables

Using External Tables

Schema Evolution

Best Practices

Summary

Chapter 10: Generating and Retrieving XML

Generating XML from SQL Data with SQL XML Functions

Generating XML from SQL Data with DBM XMLGEN

Retrieving Using XMLType and SQL/XML Functions

Generating XML Schemas

Creating XMLType Views

Processing XML

Best Practices

Summary

Chapter 11: Searching XML Data

XPath-Based Searches

Full Text Search

Best Practices

Summary

Chapter 12: Managing the Oracle XML Database

Configuring the Oracle XML DB

Security Management

Summary

Part III: Oracle XML for Java Developers

Chapter 13: Getting Started with Oracle XML and Java

The JDK Environment

Using the XDK with Oracle JDeveloper

Summary

Chapter 14: Building an XML-Powered Web Site

Designing the Framework

Creating the FAQ Database

Designing the FAQ Schema

Connecting the FAQ Web Site to the XML Database

Adding Pagination to the FAQ Listing

Displaying the FAQ and Answers

Creating a Glossary

Searching the FAQs

Summary

Chapter 15: Creating a Portal Site with XML and Web Services

Designing the Static and Dynamic Areas

Adding the Portal Functionality

Creating an Administration Page

Summary

Chapter 16: Developing an XML Gateway Application with SOAP and AQ

Creating the Framework

Creating the XML Messaging Gateway

Extending the Application's Functionality

Summary

Chapter 17: Developing XML-Based Reusable Components

Simple Pipeline Examples

Building the Pipeline Application

Running the Pipeline Application

Summary

Part IV: Oracle XML for C Developers

Chapter 18: Getting Started with Oracle XML and C

Setting Up Your C XML Development Environment

Summary

Chapter 19: Building an XML-Managed Application

The XML Media Files

Creating an XML Configuration File

Creating the XSL Stylesheets

Creating the publishcat Application

Summary

Chapter 20: Build an XML Database OCI Application

Designing the Framework

Setting Up the OCI Application Environment

The Update Application

Initializing the OCI Application

Retrieving a DOM of the Record List via OCI

Performing Unified DOM Operations

Running the xmlupdate Application

Summary

Chapter 21: Create an XML-Configured High-Performance Transformation Engine

Compiling Stylesheets with xslcompile

Running the XSLT Virtual Machine with xsbtransform

Summary

Part V: Oracle XML for C++ Developers

Chapter 22: Getting Started with Oracle XML and C++

Setting Up Your C++ XML Development Environment

Summary

Chapter 23: Build an XML Database OCI C++ Application

Designing the Framework

Setting Up the C++ OCI XML Application Environment

Creating the C++ OCI Helper Class

Initializing the C++ Database XML Application

Handling OCI Errors

Connecting to the Database

Disconnecting from the Database and Cleaning Up

Creating the C++ Query Application

Selecting into an XMLType

Initializing the XDK for XMLType XOB Access

Querying an XMLType with the C++ XDK APIs

Running the Application

Summary

Chapter 24: Building an XML Data-Retrieval Application

Designing the Framework

Building the cppextract Application

Running the cppextract Application

Extending the Framework

Summary

Part VI: Oracle XML for PL/SQL Developers

Chapter 25: Getting Started with Oracle XML and PL/SQL

Setting Up the Environment

PL/SQL XML Processing Techniques

Setting Up Oracle JVM

Summary

Chapter 26: Building PL/SQL Web Services

Building and Publishing the First Database Web Service

Consuming a Web Service Within the Oracle Database

Extending the Application

Summary

Chapter 27: Extending PL/SQL XML Functionality with Java

Running the Java Stored Procedure

Simplifying Deployment of Java Stored Procedures Using Oracle JDeveloper 10g

Processing XML in the Oracle JVM

Developing Your Own Java Stored Procedures

Summary

Chapter 28: Putting It All Together

XML Processing Tier Decisions

Database Design Decisions for XML

Java, C, C++, and PL/SQL Decisions

Extending the Oracle XML Platform

Appendix: XML Standards Bodies and Open Specifications

Java Community Process Specifications

ISO SQL/XML Specification

Oracle Technical Resources

Other Helpful Resources

Glossary

Index

Index_B

Index_C

Index_D

Index_E

Index_F

Index_G

Index_H

Index_I

Index_J

Index_L

Index_M

Index_N

Index_O

Index_P

Index_Q

Index_R

Index_S

Index_T

Index_U

Index_V

Index_W

Index_X

List of Figures

List of Tables

List of Sidebars

توضیحات
افزودن یادداشت جدید








Security Management


In Oracle XML Database 10g, security should be set up to protect against unauthorized access of data and any XML processes that could affect database system operations.



Protecting Data in the Oracle XML DB Repository



The security for the Oracle XML DB resources is based on an ACL, which is a standard security mechanism used in Java, Windows NT, and other systems. The ACL maintains a list of objectlevel restrictions on database users or roles to access the resources in the Oracle XML DB Repository hierarchy.


Before a user performs an operation or method on a resource, a check of privileges for the user on the resource takes place. The set of privileges checked depends on the operation or method performed. For example, to update the Oracle XML DB configurations, READ and WRITE privileges are needed for the xdbconfig.xml resource.


Data access is controlled by the ACL document that specifies the database users, roles, and groups who are able to access certain resources. The default ACL includes the following:





all_all_acl.xml Grants all privileges to all users





all_owner_acl.xml Grants all privileges to owner/creator user





ro_all_acl.xml Grants read privileges to all users





The DBMS_XDBZ PL/SQL package provides the APIs to check and update the ACL in the Oracle XML DB Repository. The following example shows how you can create a user group and set up the ACL for the group to access the Oracle XML DB Repository. The access privilege for each principal, who can be a user or a role, is stored in access control entries (ACEs) in the ACL: 


 CREATE USER USER1 IDENTIFIED BY USER1; 
GRANT CONNECT, RESOURCE TO USER1; 
CREATE USER USER2 IDENTIFIED BY USER2; 
GRANT CONNECT, RESOURCE TO USER2; 
CREATE ROLE DEMOGROUP NOT IDENTIFIED; 
GRANT CONNECT, RESOURCE to DEMOGROUP; 
GRANT DEMOGROUP to USER1; 
GRANT DEMOGROUP to USER2;


By default, all file and directory resources created by a user are accessible to all database users. To limit these users to the group, DEMOGROUP, you first need to create a new ACL resource file and store it in the Oracle XML DB Repository as the file /sys/acls/all_demogroup_ acl.xml. The file looks like the following: 


 <acl description="Private:All privileges to OWNER only"
xmlns="http://xmlns.oracle.com/xdb/acl.xsd"
xmlns:dav="DAV:" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.oracle.com/xdb/acl.xsd
http://xmlns.oracle.com/xdb/acl.xsd"> 
<ace>  
<principal>DEMOGROUP</principal> 
<grant>true</grant>  
<privilege>  
<all/> 
</privilege> 
</ace> 
</acl>


The preceding ACL specifies grants of all privileges to the owner of the document using the ACE elements. Each ACE element specifies access privileges for a given principal using values set for the elements described in Table 12-3.






















Table 12-3: Access Control Entry Definitions


Element




Description




<principal>




Specifies the principal (user or group).




<grant>




A Boolean value that specifies whether the principal has been granted access to the resource. A value of true specifies that the access is granted. A value of false specifies that access is denied.




<privilege>




Specifies the privileges granted to the principal.




To have some resources to work with, you can connect as USER1 and create a folder in the Oracle XML DB Repository for User1: 


DECLARE
retval BOOLEAN; 
BEGIN 
retval := DBMS_XDB.createfolder('/public/folder1'); 
retval := DBMS_XDB.createResource('/public/folder1/doc1.xml', XML
Type('<xml1/>'));  
END; /


To confirm that User1 and User2 can currently view this resource, either use your FTP client to see the /public/folder1 directory or execute the following query while connected as each user: 


 SELECT count(*) from RESOURCE_VIEW;


Now you can restrict access to these resources by changing the ACL file to all_all_acl.xml by executing the following command: 


BEGIN  
DBMS_XDB.SetACL('/public/folder1',
'/sys/acls/all_all_acl.xml'); 
COMMIT;  
END; /


Once again check for resource access and count and you will see that User2 has fewer resources and no access to /public/folder1. If role/group ownership is in effect, both users could have the same number of accessible resources. You can do this by switching the ACL file again to all_demogroup_acl.xml by executing the following connected as SYS: 


 BEGIN  
DBMS_XDB.SetACL('/public/folder1',  
'/sys/acls/all_demogroup_acl.xml'); 
COMMIT;  
END; 
/


Using the same query, USER1 and USER2 now have the same number of accessible resources: 


 SELECT count(*) from RESOURCE_VIEW;


Each DBMS_XDB security management method takes a path (resource_path, abspath, or acl_path) as a parameter. You can then use any or all of the following DBMS_XDB methods to perform security management tasks:





getAclDocument()





ACLCheckPrivileges()





checkPrivileges()





getPrivileges()





changePrivileges()





setACL()





Oracle XML DB ACLs are cached for very fast evaluation. When a transaction that modifies an ACL is committed, the modified ACL is picked up after the time-out specified in the Oracle XML DB configuration file. The XPath for this configuration parameter is /xdbconfig/sysconfig/ acl-max-age.



Securing DBUri Operations



DBUri servlet security is handled by Oracle Database 10g by using roles. When users log in to the servlet, they use their database username and password. The servlet will check to make sure the user logging in belongs to one of the roles specified in the configuration file. The roles that are allowed to access the servlet are specified in the security-role-ref tag. By default, the servlet is available to the special role authenticatedUser. Any user with a valid database username and password belongs to this role and thus can use the servlet.


The parameter updated in the following example restricting the list of authenticated users can be changed to restrict access to any role(s) in the database. To change from the default authenticated-user role to a role that you have created, for example, servlet-users, run the following connected as a user with XDBADMIN role: 


 DECLARE 
doc XMLType; 
doc2 XMLType; 
doc3 XMLType; 
BEGIN 
doc := dbms_xdb.cfg_get(); 
select updateXML(doc, '/xdbconfig
/sysconfig/protocolconfig/httpconfig/webappconfig 
/servletconfig/servlet-list/servlet[servlet-name="DBUriServlet"]  
/security-role-ref/role-name/text()', 'servlet-users') into doc2 
from dual; 
select updateXML(doc2, '/xdbconfig/sysconfig
/protocolconfig/httpconfig/webappconfig 
/servletconfig/servlet-list/servlet[servlet-name="DBUriServlet"]  
/security-role-ref/role-link/text()', 'servlet-users') into doc3 
from dual;  
DBMS_XDB.CFG_UPDATE(doc3); 
COMMIT;  
END; 
/


/ 218