5 Configure Oracle Deep Data Security for a Sample Application
In this quick-start chapter, you'll learn how to configure Oracle Deep Data Security (Deep Sec) in an Oracle AI Database environment for a sample Spring Boot application.
Note:
- For a sample script that performs the database-side configuration for this scenario, see Scripts for the Employee Records Application. You must complete the Microsoft Entra ID, TLS, and Spring Boot application setup manually.
- This quick start uses Microsoft Entra ID as the identity provider. You can also use Oracle Cloud Infrastructure Identity and Access Management (OCI IAM). For the corresponding configuration steps, see Configure OCI IAM for Application-Mediated Access.
Overview of tasks
The table below outlines the tasks you'll complete in this chapter.
| Task | Topic |
|---|---|
|
Learn about the sample application, the end-to-end security flow, and the Deep Sec capabilities you'll implement. |
|
|
Review host, database, network, and software prerequisites |
|
|
Register the database and Spring Boot application in Microsoft Entra ID to establish trust and define application roles |
|
|
Create a test user in Entra ID and assign required roles |
|
|
Create a server wallet and a self-signed certificate for TLS encryption |
|
|
Configure the database listener and network layer for TCPS connections and token-based authentication |
|
|
Create the sample |
|
|
Clone the sample Spring Boot application, configure the JDBC provider, and set up environment variables |
|
|
Build the application, obtain an Entra ID access token, and verify data access control and privilege elevation |