documentation/3.0/concepts/data_access004.htm - www.eclipse.org/eclipselink - Git at Google

 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
 <meta http-equiv="Content-Style-Type" content="text/css" />
 <meta http-equiv="Content-Script-Type" content="text/javascript" />
 <title>About Authentication | EclipseLink 3.0.x Understanding EclipseLink</title>
 <meta name="generator" content="Oracle DARB XHTML Converter (Mode = document) - Version 1.0.22 Build 1" />
 <meta name="date" content="2014-06-10T10:39:53Z" />
 <meta name="robots" content="noarchive" />
 <meta name="doctitle" content="About Authentication" />
 <meta name="relnum" content="3.0" />
 <link rel="stylesheet" type="text/css" href="../../dcommon/style.css" media="screen" />
 <link rel="copyright" href="../../dcommon/html/cpyr.htm" title="Copyright" type="text/html" />
 <link rel="start" href="../../index.htm" title="Home" type="text/html" />
 <link rel="contents" href="toc.htm" title="Contents" type="text/html" />
 <link rel="prev" href="data_access003.htm" title="Previous" type="text/html" />
 <link rel="next" href="data_access005.htm" title="Next" type="text/html" />
 <!-- START: Disqus --><script type="text/javascript">  var disqus_developer = 0; </script><!-- END: Disqus --><!-- START: Sharethis --><script type="text/javascript">var switchTo5x=true;</script><script type="text/javascript" src="http://w.sharethis.com/button/buttons.js"></script><script type="text/javascript" src="http://s.sharethis.com/loader.js"></script> <!-- END: Sharethis --></head>
 <body bgcolor="#FFFFFF"><iframe id="docheader" frameborder="0" framemargin="0" scrolling="no" src="../../dcommon/header.html"></iframe><script src="http://www.google.com/jsapi" type="text/javascript"></script><script type="text/javascript">   google.load('search', '1', {language : 'en'});  google.setOnLoadCallback(function() {    var customSearchOptions = {};    var googleAnalyticsOptions = {};    googleAnalyticsOptions['queryParameter'] = 'q';    googleAnalyticsOptions['categoryParameter'] = '';    customSearchOptions['googleAnalyticsOptions'] = googleAnalyticsOptions;  var customSearchControl = new google.search.CustomSearchControl(      '016171230611334810008:mdbgdwjv8zu', customSearchOptions);    customSearchControl.setResultSetSize(google.search.Search.FILTERED_CSE_RESULTSET);    var options = new google.search.DrawOptions();    options.setSearchFormRoot('cse-search-form');    customSearchControl.draw('cse', options);  }, true);</script><link rel="stylesheet" href="http://www.google.com/cse/style/look/default.css" type="text/css" /><div id="cse" style="width:100%;"></div>
 <div class="header"><a id="top" name="top"></a>
 <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%">
 <tr>
 <td align="left" valign="top"><div class="booktitle">Understanding EclipseLink,
 <b>3.0</b><br /></font></td>
 <td valign="bottom" align="right" width="144">
 <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%">
 <tr>
 <td>&nbsp;</td>
 <td align="center" valign="top"><a href="toc.htm"><img src="../../dcommon/images/contents.png" alt="Go To Table Of Contents" border="0" height="16" width="16" /><br />
 </td><td>&nbsp;</td><td align="center"><a href="../../" target="_top" class="external text" title="Search" rel="nofollow"><img src="../../dcommon/images/search.png" alt="Search" style="border:0;" /><br /><span class="mini"></span></a></td><td>&nbsp;</td><td align="center"><a href="../eclipselink_otlcg.pdf" title="PDF" target="_blank"><img src="../../dcommon/images/pdf_icon.png" style="padding-right:5px;border:0" alt="PDF"></a></td>
 </tr>
 </table>
 </td>
 </tr>
 </table>
 <hr />
 <table class="navigation simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100" align="center">
 <tr>
 <td align="center"><a href="data_access003.htm"><img src="../../dcommon/images/larrow.png" alt="Previous" border="0" height="16" width="16" /></a></td>
 <td align="center"><a href="data_access005.htm"><img src="../../dcommon/images/rarrow.png" alt="Next" border="0" height="16" width="16" /></a></td>
 <td>&nbsp;</td>
 </tr>
 </table>
 </div>
 <!-- class="header" -->
 <div class="ind"><!-- End Header --><a id="CHDBFFGG" name="CHDBFFGG"></a><a id="OTLCG93605" name="OTLCG93605"></a>
 <div class="sect1"><!-- infolevel="all" infotype="General" -->
 <h1 class="sect1"><font face="arial, helvetica, sans-serif" color="#330099">About Authentication</font></h1>
 <p><strong>Authentication</strong> is the means by which a data source validates a user's identity and determines whether the user has sufficient privileges to perform a given action. Authentication plays a central role in data security and user accountability and auditing.</p>
 <p>For two-tier applications, simple JDBC authentication is usually sufficient.</p>
 <p>The following sections describe the different authentication strategies:</p>
 <ul>
 <li>
 <p><a href="#CHDEIDHF">Simple JDBC Authentication</a></p>
 </li>
 <li>
 <p><a href="#CHDFACHD">Oracle Database Proxy Authentication</a></p>
 </li>
 <li>
 <p><a href="#CHDFCJDB">Auditing</a></p>
 </li>
 </ul>
 <a id="CHDEIDHF" name="CHDEIDHF"></a><a id="OTLCG93606" name="OTLCG93606"></a>
 <div class="sect2"><!-- infolevel="all" infotype="General" -->
 <h2 class="sect2"><font face="arial, helvetica, sans-serif" color="#330099">Simple JDBC Authentication</font></h2>
 <p>When you configure an EclipseLink database login with a user name and password, EclipseLink provides these credentials to the JDBC driver that you configure your application to use.</p>
 <p>By default, EclipseLink reads passwords from the <code>persistence.xml</code> file.</p>
 </div>
 <!-- class="sect2" -->
 <a id="CHDFACHD" name="CHDFACHD"></a><a id="OTLCG93607" name="OTLCG93607"></a>
 <div class="sect2"><!-- infolevel="all" infotype="General" -->
 <h2 class="sect2"><font face="arial, helvetica, sans-serif" color="#330099">Oracle Database Proxy Authentication</font></h2>
 <p>EclipseLink supports proxy authentication with Oracle Database in Java SE applications and Jakarta EE applications with the Oracle JDBC driver and external connection pools only.</p>
 <div align="center">
 <div class="inftblnote"><br />
 <table class="Note oac_no_warn" summary="" border="1" width="80%" frame="hsides" rules="groups" cellpadding="3" cellspacing="0">
 <tbody>
 <tr>
 <td align="left">
 <p class="note"><img src="../../dcommon/images/note_icon.png" width="16" height="16" alt="Note" style="vertical-align:middle;padding-right:5px;" />Note:</p>
 <p>EclipseLink does not support Oracle Database proxy authentication with JTA.</p>
 </td>
 </tr>
 </tbody>
 </table>
 <br /></div>
 <!-- class="inftblnote" --></div>
 <p>Oracle Database proxy authentication delivers the following security benefits:</p>
 <ul>
 <li>
 <p>A limited trust model, by controlling the users on whose behalf middle tiers can connect, and the roles the middle tiers can assume for the user.</p>
 </li>
 <li>
 <p>Scalability, by supporting user sessions through Oracle Call Interface (OCI) and thick JDBC, and eliminating the overhead of reauthenticating clients.</p>
 </li>
 <li>
 <p>Accountability, by preserving the identity of the real user through to the database, and enabling auditing of actions taken on behalf of the real user.</p>
 </li>
 <li>
 <p>Flexibility, by supporting environments in which users are known to the database, and in which users are merely "application users" of which the database has no awareness.</p>
 </li>
 </ul>
 <div align="center">
 <div class="inftblnote"><br />
 <table class="Note oac_no_warn" summary="" border="1" width="80%" frame="hsides" rules="groups" cellpadding="3" cellspacing="0">
 <tbody>
 <tr>
 <td align="left">
 <p class="note"><img src="../../dcommon/images/note_icon.png" width="16" height="16" alt="Note" style="vertical-align:middle;padding-right:5px;" />Note:</p>
 <p>Oracle Database supports proxy authentication in three-tiers only; it does not support it across multiple middle tiers.</p>
 </td>
 </tr>
 </tbody>
 </table>
 <br /></div>
 <!-- class="inftblnote" --></div>
 <p>For more information about authentication in Oracle Database, see "Preserving User Identity in Multitiered Environments" in the <em>Oracle Database Security Guide</em>.</p>
 <p>Configure your EclipseLink database login to use proxy authentication to do the following:</p>
 <ul>
 <li>
 <p>address the complexities of authentication in a three-tier architecture (such as client-to-middle-tier and middle-tier-to-database authentication, and client reauthentication through the middle -tier to the database)</p>
 </li>
 <li>
 <p>enhance database audit information (for even triggers and stored procedures) by using a specific user for database operations, rather than the generic pool user</p>
 </li>
 <li>
 <p>simplify VPD/OLS configuration by using a proxy user, rather than setting user information directly in the session context with stored procedures</p>
 </li>
 </ul>
 </div>
 <!-- class="sect2" -->
 <a id="CHDFCJDB" name="CHDFCJDB"></a><a id="OTLCG93608" name="OTLCG93608"></a>
 <div class="sect2"><!-- infolevel="all" infotype="General" -->
 <h2 class="sect2"><font face="arial, helvetica, sans-serif" color="#330099">Auditing</font></h2>
 <p>Regardless of what type of authentication you choose, EclipseLink logs the name of the user associated with all database operations. <a href="#CHDHDDGJ">Example 7-1</a> shows the <code>CONFIG</code> level EclipseLink logs when a <code>ServerSession</code> connects through the main connection for the sample user "scott", and a <code>ClientSession</code> uses proxy connection "jeff"</p>
 <div class="example"><a id="CHDHDDGJ" name="CHDHDDGJ"></a><a id="OTLCG93609" name="OTLCG93609"></a>
 <p><strong><em><font face="arial, helvetica, sans-serif">Example 7-1 Logs with Oracle Database Proxy Authentication</font></em></strong></p>
 <pre xml:space="preserve" class="oac_no_warn">
 [EclipseLink Config]--ServerSession(13)--Connection(14)--Thread(Thread[main,5,main])--connecting(DatabaseLogin( platform=&gt;Oracle9Platform   user name=&gt; "scott" connector=&gt;OracleJDBC10_1_0_2ProxyConnector datasource name=&gt;DS))
 [EclipseLink Config]--ServerSession(13)--Connection(34)--Thread(Thread[main,5,main])--Connected: jdbc:oracle:thin:@localhost:1521:orcl
 User: SCOTT
 [EclipseLink Config]--ClientSession(53)--Connection(54)--Thread(Thread[main,5,main])--connecting(DatabaseLogin(platform=&gt;Oracle9Platform user name=&gt; "scott" connector=&gt;OracleJDBC10_1_0_2ProxyConnector datasource name=&gt;DS))
 [EclipseLink Config]--ClientSession(53)--Connection(56)--Thread(Thread[main,5,main])--Connected: jdbc:oracle:thin:@localhost:1521:orcl
 User: jeff
 </pre></div>
 <!-- class="example" -->
 <p>Your database server likely provides additional user auditing options. Consult your database server documentation for details.</p>
 <p>Alternatively, you may consider using the EclipseLink persistence unit in conjunction with your database schema for auditing purposes.</p>
 </div>
 <!-- class="sect2" --></div>
 <!-- class="sect1" --></div>
 <!-- class="ind" -->
 <!-- Start Footer -->
 <div class="footer">
 <hr />
 <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%">
 <col width="33%" />
 <col width="*" />
 <col width="33%" />
 <tr>
 <td valign="bottom">
 <table class="navigation simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100" align="center">
 <col width="*" />
 <col width="48%" />
 <col width="48%" />
 <tr>
 <td>&nbsp;</td>
 <td align="center"><a href="data_access003.htm"><img src="../../dcommon/images/larrow.png" alt="Previous" border="0" height="16" width="16" /></a></td>
 <td align="center"><a href="data_access005.htm"><img src="../../dcommon/images/rarrow.png" alt="Next" border="0" height="16" width="16" /></a></td>
 </tr>
 </table>
 </td>
 <td align="center" width="34%"><a href="http://www.eclipse.org/eclipselink/" title="EclipseLink home"><img src="../../dcommon/images/ellogo.png" alt="EclipseLink" width="150" border="0" /></a><br />


 <td valign="bottom" align="right">
 <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="225">
 <tr>
 <td>&nbsp;</td>
 <td align="center" valign="top"><a href="toc.htm"><img src="../../dcommon/images/contents.png" alt="Go To Table Of Contents" border="0" height="16" width="16" /><br />
 </td><td>&nbsp;</td><td align="center"><a href="../../" target="_top" class="external text" title="Search" rel="nofollow"><img src="../../dcommon/images/search.png" alt="Search" style="border:0;" /><br /><span class="mini"></span></a></td><td>&nbsp;</td><td align="center"><a href="../eclipselink_otlcg.pdf" title="PDF" target="_blank"><img src="../../dcommon/images/pdf_icon.png" style="padding-right:5px;border:0" alt="PDF"></a></td>
 </tr>
 </table>
 </td>
 </tr>
 </table>
 </div>
 <!-- class="footer" -->
 <div id="copyright">Copyright &copy; 2012 by The Eclipse Foundation under the <a href="http://www.eclipse.org/org/documents/epl-v10.php">Eclipse Public License (EPL)</a><br /> <script type="text/javascript">var LastUpdated = document.lastModified;document.writeln ("Updated: " + LastUpdated);</script> </div><!-- START: Analytics --><script type="text/javascript">		  var _gaq = _gaq || [];		  _gaq.push(['_setAccount', 'UA-1608008-2']);		  _gaq.push(['_trackPageview']);				  (function() {		    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;		    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';		    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);		  })();				</script><!-- END: Analytics --><!-- START: Sharethis --><script>var options={ "publisher": "e2fe9e07-fab6-4f84-83ea-0991b429842c", "position": "right", "ad": { "visible": false, "openDelay": 5, "closeDelay": 0}};var st_hover_widget = new sharethis.widgets.hoverbuttons(options);</script><!-- END: Sharethis --></body>
 </html>
	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
	<head>
	<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
	<meta http-equiv="Content-Style-Type" content="text/css" />
	<meta http-equiv="Content-Script-Type" content="text/javascript" />
	<title>About Authentication \| EclipseLink 3.0.x Understanding EclipseLink</title>
	<meta name="generator" content="Oracle DARB XHTML Converter (Mode = document) - Version 1.0.22 Build 1" />
	<meta name="date" content="2014-06-10T10:39:53Z" />
	<meta name="robots" content="noarchive" />
	<meta name="doctitle" content="About Authentication" />
	<meta name="relnum" content="3.0" />
	<link rel="stylesheet" type="text/css" href="../../dcommon/style.css" media="screen" />
	<link rel="copyright" href="../../dcommon/html/cpyr.htm" title="Copyright" type="text/html" />
	<link rel="start" href="../../index.htm" title="Home" type="text/html" />
	<link rel="contents" href="toc.htm" title="Contents" type="text/html" />
	<link rel="prev" href="data_access003.htm" title="Previous" type="text/html" />
	<link rel="next" href="data_access005.htm" title="Next" type="text/html" />
	<!-- START: Disqus --><script type="text/javascript"> var disqus_developer = 0; </script><!-- END: Disqus --><!-- START: Sharethis --><script type="text/javascript">var switchTo5x=true;</script><script type="text/javascript" src="http://w.sharethis.com/button/buttons.js"></script><script type="text/javascript" src="http://s.sharethis.com/loader.js"></script> <!-- END: Sharethis --></head>
	<body bgcolor="#FFFFFF"><iframe id="docheader" frameborder="0" framemargin="0" scrolling="no" src="../../dcommon/header.html"></iframe><script src="http://www.google.com/jsapi" type="text/javascript"></script><script type="text/javascript"> google.load('search', '1', {language : 'en'}); google.setOnLoadCallback(function() { var customSearchOptions = {}; var googleAnalyticsOptions = {}; googleAnalyticsOptions['queryParameter'] = 'q'; googleAnalyticsOptions['categoryParameter'] = ''; customSearchOptions['googleAnalyticsOptions'] = googleAnalyticsOptions; var customSearchControl = new google.search.CustomSearchControl( '016171230611334810008:mdbgdwjv8zu', customSearchOptions); customSearchControl.setResultSetSize(google.search.Search.FILTERED_CSE_RESULTSET); var options = new google.search.DrawOptions(); options.setSearchFormRoot('cse-search-form'); customSearchControl.draw('cse', options); }, true);</script><link rel="stylesheet" href="http://www.google.com/cse/style/look/default.css" type="text/css" /><div id="cse" style="width:100%;"></div>
	<div class="header"><a id="top" name="top"></a>
	<table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%">
	<tr>
	<td align="left" valign="top"><div class="booktitle">Understanding EclipseLink,
	<b>3.0</b><br /></font></td>
	<td valign="bottom" align="right" width="144">
	<table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%">
	<tr>
	<td> </td>
	<td align="center" valign="top"><a href="toc.htm"><img src="../../dcommon/images/contents.png" alt="Go To Table Of Contents" border="0" height="16" width="16" /><br />
	</td><td> </td><td align="center"><a href="../../" target="_top" class="external text" title="Search" rel="nofollow"><img src="../../dcommon/images/search.png" alt="Search" style="border:0;" /><br /><span class="mini"></span></a></td><td> </td><td align="center"><a href="../eclipselink_otlcg.pdf" title="PDF" target="_blank"><img src="../../dcommon/images/pdf_icon.png" style="padding-right:5px;border:0" alt="PDF"></a></td>
	</tr>
	</table>
	</td>
	</tr>
	</table>
	<hr />
	<table class="navigation simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100" align="center">
	<tr>
	<td align="center"><a href="data_access003.htm"><img src="../../dcommon/images/larrow.png" alt="Previous" border="0" height="16" width="16" /></a></td>
	<td align="center"><a href="data_access005.htm"><img src="../../dcommon/images/rarrow.png" alt="Next" border="0" height="16" width="16" /></a></td>
	<td> </td>
	</tr>
	</table>
	</div>
	<!-- class="header" -->
	<div class="ind"><!-- End Header --><a id="CHDBFFGG" name="CHDBFFGG"></a><a id="OTLCG93605" name="OTLCG93605"></a>
	<div class="sect1"><!-- infolevel="all" infotype="General" -->
	<h1 class="sect1"><font face="arial, helvetica, sans-serif" color="#330099">About Authentication</font></h1>
	<p><strong>Authentication</strong> is the means by which a data source validates a user's identity and determines whether the user has sufficient privileges to perform a given action. Authentication plays a central role in data security and user accountability and auditing.</p>
	<p>For two-tier applications, simple JDBC authentication is usually sufficient.</p>
	<p>The following sections describe the different authentication strategies:</p>
	<ul>
	<li>
	<p><a href="#CHDEIDHF">Simple JDBC Authentication</a></p>
	</li>
	<li>
	<p><a href="#CHDFACHD">Oracle Database Proxy Authentication</a></p>
	</li>
	<li>
	<p><a href="#CHDFCJDB">Auditing</a></p>
	</li>
	</ul>
	<a id="CHDEIDHF" name="CHDEIDHF"></a><a id="OTLCG93606" name="OTLCG93606"></a>
	<div class="sect2"><!-- infolevel="all" infotype="General" -->
	<h2 class="sect2"><font face="arial, helvetica, sans-serif" color="#330099">Simple JDBC Authentication</font></h2>
	<p>When you configure an EclipseLink database login with a user name and password, EclipseLink provides these credentials to the JDBC driver that you configure your application to use.</p>
	<p>By default, EclipseLink reads passwords from the <code>persistence.xml</code> file.</p>
	</div>
	<!-- class="sect2" -->
	<a id="CHDFACHD" name="CHDFACHD"></a><a id="OTLCG93607" name="OTLCG93607"></a>
	<div class="sect2"><!-- infolevel="all" infotype="General" -->
	<h2 class="sect2"><font face="arial, helvetica, sans-serif" color="#330099">Oracle Database Proxy Authentication</font></h2>
	<p>EclipseLink supports proxy authentication with Oracle Database in Java SE applications and Jakarta EE applications with the Oracle JDBC driver and external connection pools only.</p>
	<div align="center">
	<div class="inftblnote"><br />
	<table class="Note oac_no_warn" summary="" border="1" width="80%" frame="hsides" rules="groups" cellpadding="3" cellspacing="0">
	<tbody>
	<tr>
	<td align="left">
	<p class="note"><img src="../../dcommon/images/note_icon.png" width="16" height="16" alt="Note" style="vertical-align:middle;padding-right:5px;" />Note:</p>
	<p>EclipseLink does not support Oracle Database proxy authentication with JTA.</p>
	</td>
	</tr>
	</tbody>
	</table>
	<br /></div>
	<!-- class="inftblnote" --></div>
	<p>Oracle Database proxy authentication delivers the following security benefits:</p>
	<ul>
	<li>
	<p>A limited trust model, by controlling the users on whose behalf middle tiers can connect, and the roles the middle tiers can assume for the user.</p>
	</li>
	<li>
	<p>Scalability, by supporting user sessions through Oracle Call Interface (OCI) and thick JDBC, and eliminating the overhead of reauthenticating clients.</p>
	</li>
	<li>
	<p>Accountability, by preserving the identity of the real user through to the database, and enabling auditing of actions taken on behalf of the real user.</p>
	</li>
	<li>
	<p>Flexibility, by supporting environments in which users are known to the database, and in which users are merely "application users" of which the database has no awareness.</p>
	</li>
	</ul>
	<div align="center">
	<div class="inftblnote"><br />
	<table class="Note oac_no_warn" summary="" border="1" width="80%" frame="hsides" rules="groups" cellpadding="3" cellspacing="0">
	<tbody>
	<tr>
	<td align="left">
	<p class="note"><img src="../../dcommon/images/note_icon.png" width="16" height="16" alt="Note" style="vertical-align:middle;padding-right:5px;" />Note:</p>
	<p>Oracle Database supports proxy authentication in three-tiers only; it does not support it across multiple middle tiers.</p>
	</td>
	</tr>
	</tbody>
	</table>
	<br /></div>
	<!-- class="inftblnote" --></div>
	<p>For more information about authentication in Oracle Database, see "Preserving User Identity in Multitiered Environments" in the <em>Oracle Database Security Guide</em>.</p>
	<p>Configure your EclipseLink database login to use proxy authentication to do the following:</p>
	<ul>
	<li>
	<p>address the complexities of authentication in a three-tier architecture (such as client-to-middle-tier and middle-tier-to-database authentication, and client reauthentication through the middle -tier to the database)</p>
	</li>
	<li>
	<p>enhance database audit information (for even triggers and stored procedures) by using a specific user for database operations, rather than the generic pool user</p>
	</li>
	<li>
	<p>simplify VPD/OLS configuration by using a proxy user, rather than setting user information directly in the session context with stored procedures</p>
	</li>
	</ul>
	</div>
	<!-- class="sect2" -->
	<a id="CHDFCJDB" name="CHDFCJDB"></a><a id="OTLCG93608" name="OTLCG93608"></a>
	<div class="sect2"><!-- infolevel="all" infotype="General" -->
	<h2 class="sect2"><font face="arial, helvetica, sans-serif" color="#330099">Auditing</font></h2>
	<p>Regardless of what type of authentication you choose, EclipseLink logs the name of the user associated with all database operations. <a href="#CHDHDDGJ">Example 7-1</a> shows the <code>CONFIG</code> level EclipseLink logs when a <code>ServerSession</code> connects through the main connection for the sample user "scott", and a <code>ClientSession</code> uses proxy connection "jeff"</p>
	<div class="example"><a id="CHDHDDGJ" name="CHDHDDGJ"></a><a id="OTLCG93609" name="OTLCG93609"></a>
	<p><strong><em><font face="arial, helvetica, sans-serif">Example 7-1 Logs with Oracle Database Proxy Authentication</font></em></strong></p>
	<pre xml:space="preserve" class="oac_no_warn">
	[EclipseLink Config]--ServerSession(13)--Connection(14)--Thread(Thread[main,5,main])--connecting(DatabaseLogin( platform=>Oracle9Platform user name=> "scott" connector=>OracleJDBC10_1_0_2ProxyConnector datasource name=>DS))
	[EclipseLink Config]--ServerSession(13)--Connection(34)--Thread(Thread[main,5,main])--Connected: jdbc:oracle:thin:@localhost:1521:orcl
	User: SCOTT
	[EclipseLink Config]--ClientSession(53)--Connection(54)--Thread(Thread[main,5,main])--connecting(DatabaseLogin(platform=>Oracle9Platform user name=> "scott" connector=>OracleJDBC10_1_0_2ProxyConnector datasource name=>DS))
	[EclipseLink Config]--ClientSession(53)--Connection(56)--Thread(Thread[main,5,main])--Connected: jdbc:oracle:thin:@localhost:1521:orcl
	User: jeff
	</pre></div>
	<!-- class="example" -->
	<p>Your database server likely provides additional user auditing options. Consult your database server documentation for details.</p>
	<p>Alternatively, you may consider using the EclipseLink persistence unit in conjunction with your database schema for auditing purposes.</p>
	</div>
	<!-- class="sect2" --></div>
	<!-- class="sect1" --></div>
	<!-- class="ind" -->
	<!-- Start Footer -->
	<div class="footer">
	<hr />
	<table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%">
	<col width="33%" />
	<col width="*" />
	<col width="33%" />
	<tr>
	<td valign="bottom">
	<table class="navigation simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100" align="center">
	<col width="*" />
	<col width="48%" />
	<col width="48%" />
	<tr>
	<td> </td>
	<td align="center"><a href="data_access003.htm"><img src="../../dcommon/images/larrow.png" alt="Previous" border="0" height="16" width="16" /></a></td>
	<td align="center"><a href="data_access005.htm"><img src="../../dcommon/images/rarrow.png" alt="Next" border="0" height="16" width="16" /></a></td>
	</tr>
	</table>
	</td>
	<td align="center" width="34%"><a href="http://www.eclipse.org/eclipselink/" title="EclipseLink home"><img src="../../dcommon/images/ellogo.png" alt="EclipseLink" width="150" border="0" /></a><br />


	<td valign="bottom" align="right">
	<table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="225">
	<tr>
	<td> </td>
	<td align="center" valign="top"><a href="toc.htm"><img src="../../dcommon/images/contents.png" alt="Go To Table Of Contents" border="0" height="16" width="16" /><br />
	</td><td> </td><td align="center"><a href="../../" target="_top" class="external text" title="Search" rel="nofollow"><img src="../../dcommon/images/search.png" alt="Search" style="border:0;" /><br /><span class="mini"></span></a></td><td> </td><td align="center"><a href="../eclipselink_otlcg.pdf" title="PDF" target="_blank"><img src="../../dcommon/images/pdf_icon.png" style="padding-right:5px;border:0" alt="PDF"></a></td>
	</tr>
	</table>
	</td>
	</tr>
	</table>
	</div>
	<!-- class="footer" -->
	<div id="copyright">Copyright © 2012 by The Eclipse Foundation under the <a href="http://www.eclipse.org/org/documents/epl-v10.php">Eclipse Public License (EPL)</a><br /> <script type="text/javascript">var LastUpdated = document.lastModified;document.writeln ("Updated: " + LastUpdated);</script> </div><!-- START: Analytics --><script type="text/javascript"> var _gaq = _gaq \|\| []; _gaq.push(['_setAccount', 'UA-1608008-2']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script><!-- END: Analytics --><!-- START: Sharethis --><script>var options={ "publisher": "e2fe9e07-fab6-4f84-83ea-0991b429842c", "position": "right", "ad": { "visible": false, "openDelay": 5, "closeDelay": 0}};var st_hover_widget = new sharethis.widgets.hoverbuttons(options);</script><!-- END: Sharethis --></body>
	</html>