RE: DatabaseAuthenticatorAction and other Database*Actions

Fri, 27 Jul 2001 12:34:08 -0700 

> -----Original Message-----
> From: Berin Loritsch [mailto:[EMAIL PROTECTED]]
> Sent: Friday, July 27, 2001 3:03 PM
> To: [EMAIL PROTECTED]
> Subject: Re: DatabaseAuthenticatorAction and other Database*Actions
> 
> 
> Vadim Gritsenko wrote:
> > 
> > Two questions about database actions:
> > 
> > 1) I have got a suggestion to use PreparedStatement in DatabaseAuthenticatorAction,
> > and it makes sence because all other database actions already using it.
> > Is there any problems with this change?
> 
> No problem at all.  The DatabaseAuthenticatorAction also is the least tested of all
> the Database*Actions.

Cool.


> 
> > 2) Database actions take column values from request parameters or request 
>attributes.
> > There is a suggestion to obtain values from request methods, like getServerName or
> > getRemoteHost, etc.
> 
> How do you propose to specify them in the configuration file?

Right now auth action uses different descriptor format then other db actions...
Thinking about common syntax for all actions, I can suggest something like this:

<employee>
  <connection>personnel</connection>
  <table name="employee_table">
...
      <!-- authenticate against username column using request.getParam("username") -->
      <value auth-request-param="username" dbcol="name" type="string"/>
      <!-- ...and server_name column using request.getServerName() -->
      <value auth-request-method="getServerName" dbcol="server_name" type="string"/>
...
  </table>
</employee>

Other suggestions on syntax are welcome - I'm not sure how it should look like.

Another though about descriptor: 
Right now auth action's descriptor have "to-session" attribute to propagate values 
into session.
Select action and Auth action can make use of this attribute:

      <!-- get skin to session -->
      <value session-param="skin" dbcol="skin" type="string"/>

Then, param attribute:
      <value param="department" dbcol="department_id" type="int"/>
Might be renamed as request-param:
      <value request-param="department" dbcol="department_id" type="int"/>

What do you think?


Vadim


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]

Reply via email to