JDBC API allows multiple credentials to be used.
DataSource.getConnection("user", "password").
We can mark the resource reference's authentication as "Application"
eg:
<resource-ref>
<res-ref-name>DataSource</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Application</res-auth>
<res-sharing-scope>Shareable</res-sharing-scope>
</resource-ref>
You can achieve this using a single connection pool which can manage
connections of multiple credentials and will do "connection-matching" to
make sure that appropriate connection (of requested credential) is
returned.
You can refer a sample test-case in GlassFish :
appserv-tests/devtests/jdbc/appauth
README :
https://glassfish-svn.dev.java.net/source/browse/glassfish-svn/trunk/v2/appserv-tests/devtests/jdbc/README?view=markup
For connector-connection-pools, there is "connector-security-map" that
is used to map the caller's identity (of appserver security domain) to
EIS identity (of EIS security domain).
http://docs.sun.com/app/docs/doc/820-7701/create-connector-security-map-1?l=en&a=view
This is not available for jdbc-connection-pool which can be a feature
that will be useful here. Please raise an Enhancement request for the
same.
Thanks,
-Jagadish
On Sat, 2010-11-06 at 09:09 -0700, noreply_at_java.net wrote:
> [quote=hanodl]
>
> Hi
>
> I need to do my authentication for the user sessions on the database, Thus I
> need to pass through from the session to the database the username and
> password and all access on the database has to be with their own username and
> password, for only certain users will be granted the roles on the database.
>
> Does anyone have an idea how to do it?
>
> [/quote]
>
> Normally Glassfish (like most application servers) will use connection pools
> to provide access to the database. This means that in a typical
> installation all database access is performed by one database user on behalf
> of many application users.
>
> To achieve what you want, you would have to have /n/ connection pools and /n/
> users (i.e. one connection pool per user). Then you would need to write
> code that, at login time, would figure out which connection pool to associate
> with the current user. This is almost certainly not what you want to do.
> But it is possible.
>
> Best,
> Laird
>
>
> --
>
> [Message sent by forum member 'ljnelson']
>
> View Post: http://forums.java.net/node/713377
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>