No, not sure. That is what I was confused about.
JDBC Realm, vs JNDI DataSourceRealm, vs JDBC DataSource
I think what was throwing me off was seeing examples of the tomcat-users in
both the realm-howto and in the jndi-resources-howto
I'm attempting container managed security using SQL Server. It looks like I
need both a DataSourceRealm and a JDBC DataSource?
Assuming I have the correct tables in the database named "authstore", does this
look right?
** in server.xml **
<Realm className="com.microsoft.sqlserver.jdbc.SQLServerDriver"
dataSourceName="jdbc/authority"
userTable="users" userNameCol="user_name" userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name"/>
** in META-INF/context.xml of specific webapp **
<resource-ref>
<description>DB Connection</description>
<res-ref-name>jdbc/authority</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
** also in META-INF/context.xml file? **
<Resource name="jdbc/authority" auth="Container" type="javax.sql.DataSource"
username="javauser" password="javadude"
driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver"
url="jdbc:sqlserver://localhost;database=authstore"/>
-----Original Message-----
From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
Sent: Tuesday, March 23, 2010 3:22 PM
To: Tomcat Users List
Subject: RE: Connecting to a Database
> From: Leo Donahue - PLANDEVX [mailto:leodona...@mail.maricopa.gov]
> Subject: Connecting to a Database
>
> Tomcat 6.0.24
> Windows Server 2003 R2 SP2
> SQL Server 2005 Express
> Microsoft SQL Server 2005 JDBC Driver 1.2 - October 2007
>
> I know I need to configure a Realm
Are you sure? A <Realm> is used for authentication only, not for a webapp that
accesses a database. Do you perhaps mean <Resource>?
> JDBCRealm or JNDI DataSourceRealm?
If you are in fact storing credentials in SQL Server, use DataSourceRealm -
it's much more robust.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
