tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: [OT] Re: problems at thejarbar.org
Date Wed, 02 Jun 2010 13:25:22 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yucca Nel,

On 6/2/2010 8:27 PM, yuccanel@live.co.za wrote:
> There was  a question as to why I am using a realm and application 
> based realm and I have no idea howcome people think I am not using only
> tomcat realm?

It's not that we think you're using a non-Tomcat Realm: it's that we
think you're using the /wrong/ Tomcat Realm.

See... JDBCRealm uses its own set of credentials to connect to the
database and uses a single Connection object, requiring lots of
synchronization to protect that shared resource. Basically, it's not
appropriate for production because of those two facts. Instead, we're
suggesting that you set up a DataSource and then use a DataSourceRealm
which will use a connection-per-authentication-attempt and is much more
high-performance.

> hibernate is not doing any security related stuff other than persisiting
> new users and thier credentials to mysql. Tomcat is only managing
> security and hibernate everything else... Hope this clears up
> discussion. :)

Is hibernate using a Tomcat-created DataSource? If not, you're making
your life harder by placing database connection configuration in several
places instead of just one.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkwGW8IACgkQ9CaO5/Lv0PALlwCgwejhODA7bB92UMEbgpIPGb8R
3RoAn3BXDzQWZ5497EKzaSP1W84Mtqu2
=zCtF
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message