tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: Dynamically adding a resource to a context
Date Wed, 01 Oct 2008 20:41:57 GMT
Johnny Kewl wrote:
> ----- Original Message ----- From: "Pid" <>
> To: "Tomcat Users List" <>
> Sent: Wednesday, October 01, 2008 11:50 AM
> Subject: Re: Dynamically adding a resource to a context

At the risk of veering wildly off topic...

> Thanks PID... nice article... would like to have seen some code on JNDI
> for dropping a pool and making another one...

I don't understand what you mean, you want to remove a configured pool &
replace it with a new one?

> ... wonder if anyone has tried this stuff on TC?

JNDI (in one sense) is just a convenient store for useful objects - like
DB connection pools.  Many app Contexts can share access to one pool
this way.

So, really, there's no "with JNDI is XXX true", as once you've retrieved
the DataSource you have access to a javax.sql.Connection object as normal.

> A QU...
> With JNDI if you have a dB with a lot of access control... like say
>    Mr X can access table 1,2,3,4 but not 5,6,7 etc
> Do you set up a connection pool for each role? ... using JNDI?

A DB connection pool needs credentials configured in the DB, so
whichever roles that user has are assigned to the pool.
Ergo, one pool per DB user.

> Or does the servlet typically do access control and the dB pool is
> effectively admin access?

Access control for what? The DB or web app?  Don't confuse DB
credentials with application credentials.

> Wondering how you handle this stuff using JNDI... actually wondering how
> many veteran coders use JNDI for dB access?

Again, JNDI is just a convenient place to store a connection pool.
Q: Is a connection pool faster than creating a new connection each time
you need one?
A: Yes, usually way faster, so most 'veterans' will probably use one in
a web application.

> Allowing users to change passwords and that sort of stuff seems near
> impossible with JNDI... just wondering?

Sounds like you're confusing DB credentials with app credentials.
The Connection retrieved from the pool stored in JNDI is usable just
like any other Connection object.

I don't create a new DB user account for every user on my system, but I
do store their web app credentials in the DB.

The *DB* user account that I have configured in the DataSourceRealm
(which has a small connection pool) has read only access to the tables
needed to get the user, do auth & get roles.

Other DB connection pools have write access and permit updates to data
in tables, e.g. updating user passwords, via a servlet which retrieves
the pool from JNDI.


> ---------------------------------------------------------------------------
> The most powerful application server on earth.
> The only real POJO Application Server.
> See it in Action :
> ---------------------------------------------------------------------------
> ---------------------------------------------------------------------
> To start a new topic, e-mail:
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message