1 Reply Latest reply on Apr 8, 2004 12:12 PM by Adrian Brock

    Datasource restricted access for a web context

    mprivat Newbie

      I am hoping this is a dumb question. I defined a datasource in a -ds.xml file and it is working fine. I have two webapps in two different contexts and I want to prohibit all access for only one of the two webapps. Is there an easy way to do this?


        • 1. Re: Datasource restricted access for a web context
          Adrian Brock Master

          No there isn't.

          By default you specify a user/password on the data source deployment then
          anybody in the container can use it.

          You can setup a datasource to use the CallerIdentityLoginModule
          this would pass the user/password from the ejb/servlet through to the database.

          It is on my TODO list to containerize the connection factory proxies
          and the objects they create such that you can add custom interceptors like
          this security requirement.
          The simplest way to do with the current architecture would be to
          modify the CachedConnectionManager when it is told to register a connection
          for an application. But this is not really the purpose of this service.