geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy (JIRA)" <...@geronimo.apache.org>
Subject [jira] Commented: (GERONIMO-1206) SQLSecurityRealm doesn't work with PostgreSQL
Date Wed, 23 Nov 2005 09:57:36 GMT
    [ http://issues.apache.org/jira/browse/GERONIMO-1206?page=comments#action_12358343 ] 

Vamsavardhana Reddy commented on GERONIMO-1206:
-----------------------------------------------

Taking parameter count as 1 might break the backward compatibility offered (at no extra cost)
by the earlier code.  Instead of taking the parameter count as 1, may be the number of occurrences
of '?' in the SQL statement can be counted and then the preparedstatement.setObject() can
be run in a loop catching any exceptions due to parameter index out of range.

> SQLSecurityRealm doesn't work with PostgreSQL
> ---------------------------------------------
>
>          Key: GERONIMO-1206
>          URL: http://issues.apache.org/jira/browse/GERONIMO-1206
>      Project: Geronimo
>         Type: Bug
>   Components: security, databases
>     Versions: 1.0-M5
>     Reporter: Aaron Mulder
>     Assignee: Aaron Mulder
>      Fix For: 1.0

>
> The SQLSecurity realm tries to be clever and dynamically discover the number of prepared
statement parameters (?'s) in the queries.  PostgreSQL doesn't support the getParameterMetaData
call this relies upon.  Since this was just a convenience anyway, I'm going to remove the
dynamicness and require that the user and group SQL statements have exactly 1 ? which stands
for the username.  As in:
> SELECT user, password FROM users WHERE username=?
> SELECT user, role FROM user_roles WHERE username=?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message