users@glassfish.java.net

Re: Dynamic user registration

From: <glassfish_at_javadesktop.org>
Date: Mon, 23 Feb 2009 05:37:17 PST

> well, I create JPA Entities that maps the JDBC realm
> tables..
>
> I used the table definitions of this blog:
> http://blogs.sun.com/swchan/entry/jdbcrealm_in_glassfish

Yes, I've seen that article, but unfortunately the SQL statements were chopped off. (I used Firefox.) Today I tried with Internet Explorer on a Windows system and now I can see the whole statements.

There the grouptable is defined as follows:
create table grouptable(userid varchar(10) not null, groupid varchar(20) not null, primary key(userid));

So there must be a column with the name defined in "user-name-column" in the grouptable as well? It seems that the membership is defined in that table (and thus allows a user to be in more than one group). I couldn't find any documentation about the table structure in the manual, which is quite odd.

How did you do this with JPA? I mean normally it's a good practice to have a generated primary key (Long) and a business key (here: the user name). But in the grouptable the user name column seems to be required as the foreign key???

> about your questions:
>
>
> > - Any min./ max. length restrictions?
>
> no idea, but it should be flexible since the
> container seems to not
> apply any constraints verification

According to Wikipedia the hex representation of an MD5 hash is 32 characters long:
http://en.wikipedia.org/wiki/MD5
This matches the password column definition in the mentioned article:
create table usertable(userid varchar(10) not null, password varchar(32) not null, primary key(userid));

I guess the other columns can have any length.

>
> > - Does the user table have to have a foreign key
> column for the group table?
>
> no, and that's weird for me.. but, it is NxN
> relationship anyway..
> someone better in DB may help..

It seems that the user table doesn't have to have a foreign key column for the group table, but the group table has to have a foreign key column for the user table. So the group table does not really define a group, but a group membership. The groups seem to be defined only implicitly (if there is at least one membership).

>
> > - How will the group table be used?
>
> The Group == roles
>
> > - What about roles? (It's not the same as a group,
> right?)
>
> it is the same (same usage I mean)
>

Are you sure? As far as I understood they are not the same.

The article says:
4. Make sure that you have <security-role-mapping> in sun-*.xml. For instance,
  <security-role-mapping>
    <role-name>Employee</role-name>
    <principal-name>Calvin</principal-name>
  </security-role-mapping>

But with dynamic users I cannot add each user in that file!? Or can I also define a group name for the principal-name? I guess then I have to do something like:
  <security-role-mapping>
    <role-name>USERS</role-name>
    <principal-name>USERS</principal-name>
  </security-role-mapping>

And add each user registered via the AccountManager to the group USERS. Is this the way it works?


>
> > Probably I have to enable the SecurityManager, too,
> right? Do you recommend to activate the protocolling,
> too?
> yes, you need to activate the security (please check
> the glassfish
> manual for all details)

Yes, I checked the manual and help pages but couldn't get/ find everything. :-/
[Message sent by forum member 'puce' (puce)]

http://forums.java.net/jive/thread.jspa?messageID=333337
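
The table layout discussed in this message, exercised as an added example that is not part of the original post or the referenced article: it registers a user against the quoted DDL and shows how the grouptable key and the digest length constrain what can be stored. SQLite stands in for the realm database (it does not enforce the varchar lengths); `register`, `groups_of`, `try_register`, the composite-key schema and the group name ADMINS are assumptions made for illustration.

```python
import hashlib
import sqlite3

# DDL exactly as quoted in the message above.
PAGE_SCHEMA = """
create table usertable(userid varchar(10) not null, password varchar(32) not null, primary key(userid));
create table grouptable(userid varchar(10) not null, groupid varchar(20) not null, primary key(userid));
"""
# Assumption, not from the page: a composite key makes grouptable a membership table.
MULTI_GROUP_SCHEMA = """
create table usertable(userid varchar(10) not null, password varchar(32) not null, primary key(userid));
create table grouptable(userid varchar(10) not null, groupid varchar(20) not null, primary key(userid, groupid));
"""

def hex_digest(password, algorithm="md5"):
    """Hex digest as stored in the password column; its length depends on the algorithm."""
    return hashlib.new(algorithm, password.encode("utf-8")).hexdigest()

def register(conn, userid, password, groups):
    """Hypothetical helper: one usertable row plus one grouptable row per group."""
    with conn:  # commits on success, rolls back both inserts on error
        conn.execute("insert into usertable(userid, password) values (?, ?)",
                     (userid, hex_digest(password)))
        conn.executemany("insert into grouptable(userid, groupid) values (?, ?)",
                         [(userid, g) for g in groups])

def groups_of(conn, userid):
    rows = conn.execute("select groupid from grouptable where userid = ? order by groupid", (userid,))
    return [r[0] for r in rows]

def try_register(schema, groups):
    """Register the constructed user 'calvin'; return stored groups, or None on a key violation."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(schema)
    try:
        register(conn, "calvin", "constructed-password", groups)
    except sqlite3.IntegrityError:
        return None
    return groups_of(conn, "calvin")

if __name__ == "__main__":
    print(len(hex_digest("abc")), len(hex_digest("abc", "sha256")))
    print(try_register(PAGE_SCHEMA, ["USERS"]))
    print(try_register(PAGE_SCHEMA, ["USERS", "ADMINS"]))
    print(try_register(MULTI_GROUP_SCHEMA, ["USERS", "ADMINS"]))
```

With the quoted DDL, a second group for the same user is rejected by `primary key(userid)` on grouptable, and a digest longer than MD5's 32 hex characters would not fit the `varchar(32)` password column on a database that enforces column lengths.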