geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <tbo...@yahoo.com>
Subject Re: The state of Geronimo
Date Thu, 20 Oct 2005 06:36:25 GMT
At the bottom of the login() method in SQLLoginModule:
found should be returned, not true :). My first fix to
Geronimo!

Tyler


--- tbot55@yahoo.com wrote:

> Actually, I found a serious bug, I got an exception
> on
> the executeQuery() statement, and it went to the
> finally{}, returned true, and gave me access.
> 
> This is probably an easy fix, but was just telling
> you
> guys about this hole.
> 
> Tyler
> 
> 
> --- tbot55@yahoo.com wrote:
> 
> > Yee haw! It works, debugging in the code is my
> best
> > bet at this point.
> > 
> > The DB2 universal driver didn't want the username
> > and
> > password passed in the URL and as properties.
> > 
> > Thanks all! Now I could easily do the
> parameterized
> > username stuff. I'll try modifying it now.
> > 
> > Tyler
> > 
> > 
> > --- David Jencks <david_jencks@yahoo.com> wrote:
> > 
> > > 
> > > On Oct 19, 2005, at 10:19 PM, <tbot55@yahoo.com>
> > > wrote:
> > > 
> > > > I'm so determined I'm rebuilding M5 with print
> > > > statements in the SQLLoginModule file.
> > Something's
> > > > clearly wrong with something (dunno what). I
> may
> > > be
> > > > narrowing it down. From then I guess I can
> build
> > > my
> > > > own modules that will connect to the database
> > the
> > > way
> > > > I want, no?
> > > 
> > > That should work.  BTW, the SQLLoginModule is,
> > umm,
> > > less than the most 
> > > sophisticated code ever seen, so if you want to
> > > improve it we would all 
> > > be appreciative.  See 
> > >
> http://issues.apache.org/jira/browse/GERONIMO-409.
> > 
> > > I think some easy 
> > > improvements would be to use prepared statements
> > > with the user info as 
> > > parameters rather than fetching all the info
> each
> > > time.
> > > 
> > > Another, deeper, issue is that it makes a direct
> > > connection to the 
> > > database rather than getting one out of a
> > connection
> > > pool.  I have 
> > > never thought this was a good idea.  However,
> jndi
> > > is not available to 
> > > look up datasources in a login module, so you
> > would
> > > have to get the 
> > > datasource more directly from a
> > > ManagedConnectionFactoryWrapper gbean.  
> > > The call would be IIRC
> > > 
> > > DataSource ds =
> (DataSource)kernel.invoke(mcfName,
> > > "$getResource");
> > > 
> > > This would let you use pooled connections which
> > > ought to be faster for 
> > > most databases.
> > > 
> > > I do wonder what the cause of your problems
> might
> > be
> > > because there is a 
> > > working unit test for this login module.
> > > >
> > > > If there's a quicker way to rebuild changes
> like
> > > this,
> > > > then please let me know.
> > > >
> > > > I rebuild security. Then I rebuild assembly,
> and
> > > use
> > > > the new server.jar in the
> > > > modules/assembly/target/geronimo-1.0-M5/bin
> > > directory.
> > > 
> > > This will definitely work.  I usually find it is
> > > more efficient to 
> > > debug the server in an IDE though.    I use IDEA
> > and
> > > start the server 
> > > like this:
> > > 
> > > java -Xdebug -Xnoagent -Djava.compiler=NONE 
> > >
> >
>
-Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005
> > > -jar 
> > > bin/server.jar
> > > 
> > > and have a remote debugging configuration for
> that
> > > in IDEA.  I think 
> > > you can do essentially the same thing in
> eclipse.
> > > 
> > > thanks,
> > > david jencks
> > > 
> > > >
> > > > Thanks!
> > > > Tyler
> > > >
> > > >
> > > > --- Bruce Snyder <bruce.snyder@gmail.com>
> wrote:
> > > >
> > > >> On 10/19/05, tbot55@yahoo.com
> > <tbot55@yahoo.com>
> > > >> wrote:
> > > >>> Lets have some discussion, maybe I'm totally
> > > >> missing
> > > >>> somethings.
> > > >>>
> > > >>> Currently I see all/most the applications
> I've
> > > >> looked
> > > >>> at as J2EE apps. This is the goal of
> Geronimo,
> > > but
> > > >>> they largly bypass the low-level purposes of
> > > >> Geronimo
> > > >>> by just sticking to J2EE and JSP. Though the
> > > >> GBeans
> > > >>> thing is cool. The goals are the same, but
> > > >>> accomplished in different ways.
> > > >>
> > > >> The reason the apps you see today running on
> > > >> Geronimo are J2EE apps of
> > > >> some type is because that was one of the
> first
> > > goals
> > > >> of Geronimo -
> > > >> J2EE 1.4 certification. In time, people will
> > > >> understand that they can
> > > >> construct their own application server by
> > > assembling
> > > >> different pieces
> > > >> of software using the Geronimo kernel and
> GBean
> > > >> architecture and only
> > > >> then will we see the true power of Geronimo
> > begin
> > > to
> > > >> emerge.
> > > >>
> > > >> J2EE is simply one goal for Geronimo, it is
> > > >> certainly not *the* goal
> > > >> (after all, J2EE compliance is simply a set
> of
> > > >> configuration files).
> > > >> Another goal includes the result of the
> kernel
> > > and
> > > >> GBean architecture
> > > >> - the ability to easily plug in just about
> any
> > > piece
> > > >> of software to
> > > >> run in the Geronimo space. Still another goal
> > > (and a
> > > >> very important
> > > >> one) was to accomplish all of this work under
> > the
> > > >> Apache License. I
> > > >> could go on and on, but I highly suggest
> > reading
> > > >> through at least the
> > > >> wiki (http://wiki.apache.org/geronimo/) to
> > > >> understand Geronimo from
> > > >> your own perspective.
> 
=== message truncated ===



	
		
__________________________________ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com

Mime
View raw message