Title: Expert Oracle application express security / Scott Spendolini ; [foreword by Joel R. Kallman]
Variant title: Expert Oracle application express security
Author: Spendolini, Scott
Edition: 1st ed. 2013.
Publication: [Berkeley, Calif.] : Apress, 2013
Description: 1 online resource (xxiv, 270 pages) : illustrations (chiefly color)
Series: Expert's voice in Oracle
ISBN: 1-4302-4732-0; 1-4302-4731-2
DOI: 10.1007/978-1-4302-4732-6
Other identifiers: (OCoLC)852148709; (MiFhGG)GVRL6VWR; (CaSebORM)9781430247319; (OCoLC)855377735; (OCoLC)ocn855377735; (CKB)2670000000388532; (MiAaPQ)EBC1317654; (EXLCZ)992670000000388532
Record number: 9910438103503321
Language: English
Format: Book
Classification (Dewey): 005.8
Subject: Application software -- Development
Note: Includes index.

Contents:
Cover; Title Page; Copyright Page; Dedication Page; Contents at a Glance; Table of Contents; Foreword; About the Author; About the Technical Reviewer; Acknowledgments; Introduction; About This Book; Security Planning & Assessment; APEX Security; User Access; Data Access & Protection; Downloading the Code; Contacting the Author
CHAPTER 1 Threat Analysis; Assessment; Home Security Assessment; Application Security Assessment; Data and Privileges; Types of Threats; Preventable; URL Tampering; SQL Injection; Cross-Site Scripting; Unpreventable; Summary
CHAPTER 2 Implementing a Security Plan; What Is a Security Plan?; Assessment; Risk Analysis; Access Control; Data Access; Auditing and Monitoring; Application Management; Design; Development; Contingency; Review and Revision; Security Reviews; Automated Reviews; Manual Reviews; Simulating a Breach; Summary
CHAPTER 3 APEX Architecture; Overview of APEX; Administration Console; Managing Requests; Managing Instances; Managing Workspaces; Monitoring Activity; Workspaces; Users and Roles; Schema Mappings; Components; Application Builder; SQL Workshop; Team Development; Websheets; Architecture; Metadata-Based Architecture; Schemas; APEX_PUBLIC_USER; APEX_040200; FLOWS_FILES; Transactions; The f Procedure and WWV_FLOW.SHOW; The WWV_FLOW.ACCEPT Procedure; Session State; Infrastructure; Embedded PL/SQL Gateway; Oracle HTTP Server and mod_plsql; APEX Listener; Summary
CHAPTER 4 Instance Settings; Overview; Runtime Mode; The Instance Administration API; The Instance Administrator Database Role; Other Options; Configuration and Management; Manage Instance Settings; Feature Configuration; Allow PL/SQL Program Unit Editing Setting; Create Demonstration Objects in New Workspace Setting; Create Websheet Objects in New Workspaces Setting; Packaged Application Install Options; SQL Workshop; Monitoring; Application Activity Logging; Enable Application Tracing; Enable Service Requests; Security; Set Workspace Cookie; Disable Administrator Login; Disable Workspace Login; Allow Public File Upload; Restrict Access by IP Address; Instance Proxy; Require HTTPS; Require Outbound HTTPS; Allow RESTful Access; Maximum Session Length and Idle Time in Seconds; Domain Must Not Contain; General Login Controls; Delay After Failed Login Attempts in Seconds; Method for Computing the Delay; Inbound Proxy Servers; Require User Account Expiration and Locking; Maximum Login Failures Allowed; Account Password Lifetime (Days); Workspace Password Policy; Instance Configuration Settings; Provisioning Status; Require Verification Code; Notification E-mail Address; E-mail Provisioning; Message; Require New Schema; Encrypted Tablespaces; Delete Uploaded Files After (Days); E-mail; Wallet Path; Wallet Password; Report Printing; Workspace Purge Settings; Manage Other Instance Settings; Session State; Recent Sessions Report; Purge Sessions by Age Function; Session State Statistics Report; Logs and Files

Summary:
Expert Oracle Application Express Security covers all facets of security related to Oracle Application Express (APEX) development. From basic settings that can enhance security, to preventing SQL Injection and Cross Site Scripting attacks, Expert Oracle Application Express Security shows how to secure your APEX applications and defend them from intrusion. Security is a process, not an event. Expert Oracle Application Express Security is written with that theme in mind. Scott Spendolini, one of the original creators of the product, offers not only examples of security best practices, but also provides step-by-step instructions on how to implement the recommendations presented. A must-read for even the most experienced APEX developer, Expert Oracle Application Express Security can help your organization ensure their APEX applications are as secure as they can be.