2 Replies Latest reply on Jan 20, 2004 9:24 AM by James Olsen

    Configuring EJB for multiple usernames

    drandall Newbie

       

      "drandall" wrote:
      "drandall" wrote:
      We are using Jboss 3.2.2RC2. We are developing a Web App for 100+ concurrent users. A requirement from our Oracle DBA is that every user must connect to the database through the EJB using their own username/password. We have a prototype in which the EJB uses the username and password defined in oracle-ds.xml.

      One way to solve the problem would be to add a datasource in oracle-ds.xml for each user. It seems like that would be hard to manage.

      Is there a better way to solve this problem?
      Any insight is appreciated.
      Thanks,
      Doug Randall


        • 1. Re: Configuring EJB for multiple usernames
          James Olsen Newbie

           

          "jim_b_o" wrote:
          "jim_b_o" wrote:
          The Oracle JDBC Driver has extra API on it to tell it who the real user is. Hence you should be able to use a single -ds.xml login but then provide extra info vis this API. Your DBA should then be able to access that info in triggers etc. I can't remember exactly how it works but I don't think it changes the actual DB login. This has the advantage that you can use a connection from a shared pool but the DB still knows who you are.

          I'm currently trying to do the same thing with DB2 which also has custom API. With DB2 I need to get hold of each connection when it is allocated to a new user/thread as that is when you need to tell it who the current user of the connection is. I intend to use the EJB Security Prinical to identify the user. What I have to figure out is how I can register for an appropriate event or wrap the connection code so that I can call the API at the required time.


          • 2. Re: Configuring EJB for multiple usernames
            James Olsen Newbie

             

            "jim_b_o" wrote:
            "jim_b_o" wrote:
            "jim_b_o" wrote:
            I've now done this for DB2 as discussed in topic "Mapping Security Principal to JDBC Connection".