Thanks for responding Mikolaj. I may not completely understanding your response.
The credentials for a database connection are specified per database. That is, user credentials are not used to get an authenticated connection to the database. Notice OrgID is the database name, username and password. These are not the user's credentials. Each database contains a 'Users' table, which the application I'm writing uses to perform the actual user authentication. This is done with application logic not shown in this email. In your example, when user B gets the same, previously MySql authenticated connection to the database as user A, this is the desired behaviour. The application will still authenticate user B at a higher level. The logic shown simply attempts to employ connection pooling a bit dynamically. 2010/7/1 Mikolaj Rydzewski <m...@ceti.pl> > Andrew Laughlin wrote: > >> Notice no username or password entry exists. Here's the code to get a >> connection: >> >> Context ctx = new InitialContext(); >> org.apache.tomcat.dbcp.dbcp.BasicDataSource ds = >> (org.apache.tomcat.dbcp.dbcp.BasicDataSource)ctx.lookup( >> "java:comp/env/jdbc/DB" ); >> >> // These must be set before the call to getConnection(), since >> getConnection >> actually creates the pool. >> ds.setDefaultCatalog( orgID ); >> ds.setUsername( orgID ); >> ds.setPassword( orgID ); >> >> > So let's try to run this code: > > 1. user A performs request, pool is empty, so it's initialized with > credentials of user A > 2. user B performs request, pool is already initialized, user B gets > connection created with credentials of user A > 3. user A releases connection, it goes back to the pool > 4. user C performs, request, gets previously released connection > > I don't think you like this scenario.. > > > Idea is simple: create one pool for database. > > -- > Mikolaj Rydzewski <m...@ceti.pl> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
