Hi Shaba,
you should post the following details of your problem on
users_at_jax-rpc.dev.java.net because it seems JAXRPC specific.
Thanks,
Anil.
shaba dil wrote:
> >If however, that does not help and you would be interested in
> >exploring the possibility of using WS-Security (which is part of
> >jwsdp1.4), please let us know, so that we can give you a detailed
> >alternative solution
>
> Thanks Anil,
>
> Creating roles and users in DB and giving DBA access permissions will
> be very error prone and less flexible.I am not thinking about it.
>
> I just want to use it in java layer.i am using JDO.
>
> Plz giv me some hints abt security from database.JDBC is there so it's
> easy to retrieve username and password from DB and check it according
> to collected data from user.
>
> there will be a 'user' table to store user details.and for
> authorisation,i'll create 2 tables named as,
>
> user_role
> role_permission
>
> each user have a role.that mean in user table, a column will be there
> for his role.that will be the primary key of user_role table.
>
> each user_role primary key will be associated to a role_permission.so
> each user role have a seperate permission for accessing the
> tables.that mean in role_permission table,a column will be there for
> user_role primary key.
>
> Now there is no need of doing it in database layer.that mean creating
> DBA permissions.
>
> i just wanna retrieve information from role_permission table and check
> the role of currunt user(retrieved from user_role table).this
> information can be used for restricting some tables(functionalities)
> from user.
>
> for eg:
>
> if(currentuser.getSecurityRole().equals(admin)){
> doProcess();
> else{
> dontDoProcess();
> }
>
> So i can successfully overcome the problom.
>
> But how can i deal it with JAX-RPC?.i need a good pattern and decision
> making abt it.
>
> plz share ur thoughts,
>
> Thanks
> Shaba
>
> Anil Kumar Tappetla <Anil.Tappetla_at_Sun.COM> wrote:
>
> Hi Shaba,
> please refer to
> http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html (Chapter
> 32,
> XML and Web Services Security Section) for authentication techniques
> with JAX-RPC.
> As far as authorizing users to tables in your database, you
> should be using the support offered by your database management
> system
> to create roles/permissions.
> If however, that does not help and you would be interested in
> exploring the possibility of using WS-Security (which is part of
> jwsdp1.4), please let us know, so that we can give you a detailed
> alternative solution.
> Thanks,
> Anil.
>
> >Hi all,
> >
> >I wanna use authentication and authorisation with JAX-RPC.
> >
> >So users login with username and password which was stored in a
> database.
> >
> >I wanna authorise some users to use some tables.Mean i wanna
> create user! roles and permissions restrict access of some tables
> from some users.
> >
> >Any good reaource for this purpose dealing with JAX-RPC security
> authentication and autherisation from database?.
> >
> >Thanks,
> >Shaba
> >
> >
> >
>
>
> ------------------------------------------------------------------------
> Do you Yahoo!?
> Yahoo! Mail Address AutoComplete
> <http://us.rd.yahoo.com/mail_us/taglines/aac/*http://promotions.yahoo.com/new_mail/static/ease.html>
> - You start. We finish.