I guess you knew that setting up a connection to the DB typically involves passing a username and password. So at any given time you have the possibility to 'forward' the account info, as you've put it. Does 'an application server' have a ready-built solution for this?
Who knows? We don't even know what app-server you're using.
    import java.sql.*;

    public void connectToAndQueryDatabase(String username, String password) throws SQLException {
        // The caller's own account is handed straight to the driver
        Connection con = DriverManager.getConnection("jdbc:myDriver:myDatabase", username, password);
        Statement stmt = con.createStatement();
        ResultSet rs = stmt.executeQuery("SELECT a, b, c FROM Table1");
        while (rs.next()) {
            int x = rs.getInt("a");
            String s = rs.getString("b");
            float f = rs.getFloat("c");
        }
        // ...
    }

Your question is probably not answered yet because you are leaving out plenty of details of what it is you're trying to achieve and in which situation (technologies, ..) you're looking for a solution.
You talk about using the database's security features but not what in particular you're trying to accomplish. Probably there are other ways than using user accounts (roles etc). And typically a 'single-sign-on' solution involves a separate mechanism to control the accounts and rights and so on.
Choosing one is again influenced by what other systems (app-server, db, ..) you're planning to use. MSDN article, Oracle article, softwaremag.com article ... Look for articles about securing web applications (provided that's what you're developing), authentication and authorisation. (The above links might be outdated but still hold valuable info.) And definitely take security seriously.
Cheers, Wim (Wanted to comment but it turned out a larger comment than expected).
I can also reverse my question. I want to log in to an application server with a database account and receive a connection for this account. Your sample does not describe how I can receive the password. That it must be a solution to create a database connection without a password with the current login. – Horcrux7 Aug 13 '11 at 7:37

You definitely should read some articles and books etc. concerning authentication and authorisation. The ones that I've listed should get you some deeper understanding of these security issues and help you design the security for the application you're making. I'm no guru myself but I know that securing applications is a job on its own and shouldn't be thought of as "I'll implement this little piece of code or that library and I'm good to go". – Wivani Aug 14 '11 at 19:33
You can pass the username/password to DataSource#getConnection(String username, String password). Whether or not you use Spring for your data layer, you can utilize the UserCredentialsDataSourceAdapter class to allow you to set the current username/password in the current thread. So for example:

    ${default.username}
    ${default.password}

In your code where you have access to the username/password (perhaps inside of a Servlet Filter) you could set the username and password for the current thread, and then clear it afterwards. Your Filter would have a reference to the UserCredentialsDataSourceAdapter data source with UserCredentialsDataSourceAdapter as the type. So your DAO would be wired with the data source type DataSource, while the filter uses the same object using its more specific type. This is to allow the filter to do the following:

    private UserCredentialsDataSourceAdapter userCredentialsDataSourceAdapter;

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        String username, password; // retrieve from the request or cache
        // Bind the caller's credentials to the thread handling this request
        userCredentialsDataSourceAdapter.setCredentialsForCurrentThread(username, password);
        try {
            chain.doFilter(request, response);
        } finally {
            // Always unbind, even if the request fails
            userCredentialsDataSourceAdapter.removeCredentialsFromCurrentThread();
        }
    }

What this does is while the credentials are current, getConnection() will delegate to getConnection(String, String) with the specified credentials. Your data layer really won't know the difference.
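The finally block in the filter above matters because application servers reuse worker threads across requests. The following is an added example, not code from the answer or from Spring: a hypothetical stand-in for the thread-bound holder (the class name, DEFAULT_USER and the sample credentials are constructed) showing which account a later request on the same pooled thread resolves to with and without the cleanup.

```java
import java.util.Arrays;
import java.util.concurrent.*;

// Added illustration, not Spring's code: a hypothetical stand-in for the
// thread-bound credential handling the answer describes.
public class ThreadBoundCredentialsDemo {
    static final String DEFAULT_USER = "app_default"; // constructed sample value
    // Slot 0 = username, slot 1 = password; char[] so the password can be wiped.
    private static final ThreadLocal<char[][]> CURRENT = new ThreadLocal<>();

    static void setCredentialsForCurrentThread(String user, char[] password) {
        CURRENT.set(new char[][] { user.toCharArray(), password });
    }

    static void removeCredentialsFromCurrentThread() {
        char[][] c = CURRENT.get();
        if (c != null) Arrays.fill(c[1], '\0'); // wipe the password copy
        CURRENT.remove();
    }

    // The account a no-argument getConnection() would use on this thread.
    static String effectiveUser() {
        char[][] c = CURRENT.get();
        return c != null ? new String(c[0]) : DEFAULT_USER;
    }

    // One request as the filter sees it; user == null means no credentials supplied.
    static String handle(String user, boolean cleanUp) {
        if (user != null) setCredentialsForCurrentThread(user, "constructed-pw".toCharArray());
        try {
            return effectiveUser(); // stands in for chain.doFilter() reaching the DAO
        } finally {
            if (cleanUp) removeCredentialsFromCurrentThread();
        }
    }

    public static void main(String[] args) throws Exception {
        ExecutorService worker = Executors.newSingleThreadExecutor(); // one pooled thread
        try {
            worker.submit(() -> handle("alice", false)).get(); // cleanup skipped
            System.out.println("next request, no cleanup:   " + worker.submit(() -> handle(null, false)).get());
            worker.submit(ThreadBoundCredentialsDemo::removeCredentialsFromCurrentThread).get();
            worker.submit(() -> handle("alice", true)).get();  // cleanup in finally
            System.out.println("next request, with cleanup: " + worker.submit(() -> handle(null, true)).get());
        } finally {
            worker.shutdown();
        }
    }
}
```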