[Achitecture] Trace events ..

[taska]

... de retour dans une architecture FORMS ..

Pensez vous qu'il soit possible de tracer en temps réel, ( soit sur le poste client, soit sur le serveur ) les actions ( événements ) générées par un utilisateur ?

J'ai regardé du coté :

1. d'un sniffer de carte réseau , qui me permet de tracer quelques échanges entre l'applet et l'AS ...
2. d'ATTACH DEBUG de Form Builer,
3. de la génération de trace session (.trc > xml ) difficilement compréhensible .

sans y avoir trouvé mon bonheur ...

Tous vos avis sont les bienvenus ...

( un PJC serait-il capable de capter les évenements block:item.evt ? )


CDLT.

[taska]

Citation:

SECURITY
The Oracle Developer Server applet has been digitally signed using DSA (Digital Signature Algorithm).
Please refer to the Oracle Developer documentation for information on configuring the Oracle
Developer client.
The low-level proprietary communication and data being sent between the Forms Server and the applet
is encrypted using industry standard, 40-bit RSA encryption and decryption.

Citation:

COMMUNICATIONS AND SECURITY
When running the Forms Server, the Java Applet implementing the user interface and the Forms Server engine
need to communicate. This can be done using a conventional TCP/IP Sockets connection for intranet use, or
using HTTP/1.1 as a protocol for Internet use where Firewalls prevent the use of a direct socket connection.
In either case, all of the traffic that is transmitted between the Client and Forms Engine is encrypted using 40-
bit RSA encoding. This encryption can be turned off optionally, but we would not recommend that sites do
this.

How to do this ?
Comment faire ?

CDLT.

[LeoAnderson]

je présume qu'il s'agit de l'implémentation de TCPS sur la couche SQL*net
il s'agit d'un option de Advanced Security.

Il faut un certificat client et un serveur, configurer les wallets et modifier le sqlnet.ora.

[taska]

... en fait d'aprés ce que je pense avoir compris, il y a effectivement une config modifiable afin de permettre un flux non crypté entre un serveur de BDD et un client via la couche SQLNet ...

http://www.csee.umbc.edu/help/oracle...nf_.htm#740377
http://download.oracle.com/docs/cd/A...ppa.htm#617110
http://download-uk.oracle.com/docs/c...8/asoconfg.htm

D'aprés ce que je pense avoir compris, un mécanisme similaire existe entre une applet FORMS (9I) et l'AS Forms.
C'est ce flux TCP que je souhaite pouvoir analyser ...

http://www.oracle.com/technology/pro...pdf/275632.pdf

Citation:

COMMUNICATIONS AND SECURITY
When running the Forms Server, the Java Applet implementing the user interface and the Forms Server engine
need to communicate. This can be done using a conventional TCP/IP Sockets connection for intranet use, or
using HTTP/1.1 as a protocol for Internet use where Firewalls prevent the use of a direct socket connection.
In either case, all of the traffic that is transmitted between the Client and Forms Engine is encrypted using 40-
bit RSA encoding. This encryption can be turned off optionally, but we would not recommend that sites do
this.
Also available as an option is the use of Secure Sockets Layer (HTTPS) instead of Sockets or HTTP to provide
a further layer of security. HTTPS currently supports 128-bit encryption for US domestic customers and 40-bit
for non-US customers. As the US relaxes laws for the export of encryption technologies, 128-bit encryption
will become available for all users.
For more information on the use of HTTP with Oracle Developer Forms Server and security/firewall issues
generally see the Oracle White Paper: Deploying Internet Applications using HTTP Enabled Oracle Developer Server.

CDLT.