A fairly simple, yet highly efficient way of preventing users to perform anything on the database if they are not connected through your application is as follows.

1. Create a role (or more roles) with all privileges neaded in your aplication. Protect this role with a password, not known to users.

CREATE ROLE app_role IDENTIFIED BY top_secret;
GRANT (..all_required_privs..) TO app_role;

2. Create a user. Do not grant him anything other than CREATE SESSION system privilege (certanly do not grant him CONNECT or RESOURCE role, they are way to powerfull!). Grant him also your APP_ROLE role, but it should not be his default role, so it will not be enabled automaticaly when he connects.

CREATE USER app_user IDENTIFIED BY blahblah DEFAULT TABLESPACE .......;
GRANT CREATE SESSION TO app_user;
GRANT app_role TO app_user;
ALTER USER app_user DEFAULT ROLE NONE;

With this setup, your app_user can connect to database, but he can do practically nothing. He can select from dual or other few publicly available tables and views, but that is about all he can do. If he wants to perform any other selects or DMLs that he is allowed to do through application, he would have to isue:
"SET ROLE app_role IDENTIFIED BY top_secret;",
but he does not know the password ("top_secret")!

On the other hand, you make this password known to application (it can be hardcoded in the application, stored somewhere in a publicly unaccesible file or something like that...). When the user connects to database through application, the application unlocks the app_role with the top_secret password in the background, hidden from user. So in application user can perform anything required for that application, outside the application he can do virtualy nothing.