tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jeffery.s.ea...@transport.qld.gov.au
Subject Re: using a datasource connection pool resource with username and password supplied by user
Date Mon, 10 Oct 2005 07:52:13 GMT
Good question Bob,

This system may eventually be implemented for the government department I
work for in Queensland, Australia.  This project is a pilot one which will
involve four separate district offices in four different cities.  The
department has policies on data security which includes authenticating
individual users to a database.  As this is a requirement I can't avoid I
wanted to find a way to implement it even in the proof-of-concept stage.

User authentication can be implemented on the middle tier in Tomcat but I
don't think this will satisfy the dept. requirements.  That being the case,
my plan was to let the database decide if a user can get into the site.  If
they are authenticated to the db then they have access to the site.  One
other advantage of db authentication which will be important in this case
is the separation of database roles.  Users will have access to update only
the tables they are approved to access.

Jeffery S. Eaton



************************************************************
Opinions contained in this e-mail do not necessarily reflect
the opinions of the Queensland Department of Main Roads,
Queensland Transport or Maritime Safety Queensland, or
endorsed organisations utilising the same infrastructure.
If you have received this electronic mail message in error,
please immediately notify the sender and delete the message
from your computer.
************************************************************


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message