commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vattima, Timothy" <timothy.vatt...@chase.com>
Subject [dbcp] SharedPoolDataSource and getConnection methods
Date Fri, 07 May 2010 12:28:33 GMT
We are implementing a Password Vault. The vault will always have the latest, correct password.
The Vault product vendor supplies an SDK with which the current password for an account may
be obtained.
We use functional, non-human accounts for the application so I don't need a PerUser Pool,
so I've opted for the SharedPoolDataSource.

My question is, should I simply extend SharedPoolDataSource overriding the two getConnection
methods, make the call the vault SDK with the username and call super passing the latest password?
See below:

    public Connection getConnection(String username, String password) throws SQLException
{
        String currentPassword = vaultsdk.getCurrentPassword(username);
        return super.getConnection(username, currentPassword);
    }

I am counting on SharedPoolDataSource honoring the fact that the password for the user with
which the pool was initialized may have changed since the pool was initialized. Some of our
applications remain running for weeks or months and it is likely that our password change
process will change the password during that time.

So, does this seem like the proper approach?

Also, I am not sure what to do about the no-args getConnection( ) method. Should I get the
username that was used to initialize the pool and get the latest password? But then what do
I do with that password? So any help or guidance on the no-args method would be appreciated.

Thanks
-Tim


This transmission may contain information that is privileged,
confidential, legally privileged, and/or exempt from disclosure
under applicable law.  If you are not the intended recipient, you
are hereby notified that any disclosure, copying, distribution, or
use of the information contained herein (including any reliance
thereon) is STRICTLY PROHIBITED.  Although this transmission and
any attachments are believed to be free of any virus or other
defect that might affect any computer system into which it is
received and opened, it is the responsibility of the recipient to
ensure that it is virus free and no responsibility is accepted by
JPMorgan Chase & Co., its subsidiaries and affiliates, as
applicable, for any loss or damage arising in any way from its use.
 If you received this transmission in error, please immediately
contact the sender and destroy the material in its entirety,
whether in electronic or hard copy format. Thank you.
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message