APEX 4.1 - Security
Abstract
Oracle Application Express is a powerful web application framework that provides a great number of features, including security features. Like any tool, though, it must be handled with care. In most cases, the security of an APEX application is either not properly implemented or completely ignored. In this lesson you will learn about the security features in APEX 4.1 and how to avoid the most common mistakes in application design:
1. Using Authorization
2. Using Hidden Items and Session State Protection
3. Avoiding SQL Injection and using DBMS_ASSERT
4. Avoiding Cross Site Scripting
5. Using Image Verification
Type: Workshop
Difficulty level: Expert (very detailed and technical)
Preferred attendee experience: Experienced (2-3 years)
Preferred attendee role:
End User
DBA
Developer
Planned duration of the activity: 60 min
BI-Cubes
Bio:
Manager and Oracle / Oracle Apex Consultant, BI-Cubes / Opal Consulting (www.opal-consulting.de)
Denes Kubicek was born in Croatia and has lived in Germany for the last 18 years. He is the "Oracle Application Express Developer of the Year 2008" and a well-known Oracle blogger at http://www.deneskubicek.blogspot.com. He has worked for T-Systems, Telekom, BASF, Postbank, Windhagen and several other big companies. He is an active OTN user with more than 4000 postings, and his Demo Application at http://apex.oracle.com/pls/otn/f?p=31517:1 is one of the most popular Apex sources on the net. Denes Kubicek is also an Oracle ACE Director and the first Oracle ACE from Croatia.