geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Gregory <bgreg...@g-webdesign.com>
Subject Re: proxy session w/ built-in dbcp + openjpa
Date Tue, 12 Feb 2008 20:35:06 GMT

Ok, this might clear things up a bit:

// This needs to happen when a connection is pulled from the pool
// and before the connection is used.
// The "<username>" could be pulled from the GeronimoUserPrincipal() 
//      in the current session (?) if available

java.util.Properties prop = new java.util.Properties();
prop.put(OracleConnection.PROXY_USER_NAME, "<username>"); 
((OracleConnection)conn).openProxySession(OracleConnection.PROXYTYPE_USER_NAME,
prop);

// This nees to happen when a connection is returned to the pool

((OracleConnection)conn).close(OracleConnection.PROXY_SESSION);

And that's pretty much it. The LoginModule for the security realm is pretty
much a standard JDBC Realm (with a little code to calculate Oracle password
hashes) that populates the GeronimoUserPrincipal() and
GeronimoGroupPrincipal(). The "proxy" part is just a way to let oracle know
who the "real" user is for the audit trail and any user-bound security
policies.

Note from before: RARs ah. That's a new one for me. Learning curves are a
bitch sometimes. And I'm still trying to catch up with learning maven (and
the 6 million things it does). As you can probably tell, geronimo is a
pretty new beast to me too.

No problem about the help, I've got to work through it anyway.


-- 
View this message in context: http://www.nabble.com/proxy-session-w--built-in-dbcp-%2B-openjpa-tp15404731s134p15442349.html
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.


Mime
View raw message