openjpa-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mansour Al Akeel <mansour.alak...@gmail.com>
Subject Re: Virtual Private Database
Date Tue, 28 Feb 2012 18:25:12 GMT
Ok, I am not sure if this approach is popular. In my opinion,  it's not
portable to another RDBMs.
I don't think with JPA I should work with the DB directly.
Further more, it's not scalable, because each user has to has an open
connection to the DB.


On Tue, Feb 28, 2012 at 12:56 PM, Mario Ds Briggs
<mario.briggs@in.ibm.com>wrote:

> I am referring to the scenario where a user is allowed to open a SQL prompt
> and directly access the table using say 'select * from TBLNAME'. Or another
> application also accesses the table
>
> Mario
>
>
>
> From:   Mansour Al Akeel <mansour.alakeel@gmail.com>
> To:     users@openjpa.apache.org
> Date:   02/28/2012 10:39 PM
> Subject:        Re: Virtual Private Database
>
>
>
> Mario,
> I don't understand what you mean by "one would need
> implement this at the database level".
>
> I know there are many ways to achieve what I want, but I don't understand
> your option.
> Can you please kindly, elaborate ?
>
>
>
> On Tue, Feb 28, 2012 at 12:07 AM, Mario Ds Briggs
> <mario.briggs@in.ibm.com>wrote:
>
> > >>
> > Which makes me conclude that it can not be done in a vendor neutral
> > way. Am I missing something ?
> > <<
> >
> > Often the common requirement is that all/any/direct SQL access to
> database
> > should obey the security/access control rules. Therefore one would need
> > implement this at the database level, so that all SQL access is now
> > controlled  rather than at the app level (and if you have done it at the
> > DB, you dont need to bother at the app).  Of course if you are not
> bothered
> > about direct SQL access and only your app's access, then maybe u do what
> u
> > are trying
> >
> > Just my 2 cents
> >
> > Mario
> >
> >
> >
> > From:   Mansour Al Akeel <mansour.alakeel@gmail.com>
> > To:     users@openjpa.apache.org
> > Date:   02/28/2012 04:45 AM
> > Subject:        Virtual Private Database
> >
> >
> >
> > Hello all,
> >
> > I read on this page
> > http://en.wikibooks.org/wiki/Java_Persistence/Advanced_Topics#Filters,
> > some
> > thing about filters. My understanding is that it creates multiple view
> for
> > the database.
> > I need to implement row level security depending on the user reading the
> > data. I know this can be in done in the DAOs. But since this is going to
> be
> > done in many places I am searching for a better option. Another option is
> > to do it in Aspect Oriented way. For a moment I though about extending
> the
> > EntityManager, and do what I need there.
> > Still I believe using filters the way it's described, is a cleaner
> approach
> > for what I am doing and if I understand it correctly.
> >
> > Another option is http://jpasecurity.sourceforge.net/.
> >
> > My first question is, does openjpa has something similar ?
> > The second question, I didn't find anything about these data filters in
> the
> > specs. Which makes me conclude that it can not be done in a vendor
> neutral
> > way. Am I missing something ?
> >
> > If anyone had experience with similar situation, please share.
> >
> >
> > Thank you.
> >
> >
> >
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message