ResourceAdapterName identifies which resource adapter supplies the
ConnectionFactory (and ManagedConnectionFactory etc etc) for the
ConnectionFactoryLoader to load. (It's the display-name tag in ra.xml) If
you were using firebird as your database, this could be the firebird
jca/jdbc driver. Since we are mostly stuck with jdbc only drivers, this is
typically one of the 2 Minerva wrapper adapters. With the jdbc (local
transaction) wrapper, the "Properties" attribute, which is for configuring
the Resource Adapter, contains the db url which is enough to figure out
which db driver we are using. With enough luck, mainstream db vendors will
decide to supply jca .rar versions of their drivers soon so we don't always
need the Minerva wrappers.
david jencks
On 2001.08.16 14:35:00 -0400 Jason Dillon wrote:
> What is ResourceAdapterName used for?
>
> --jason
>
>
> On Wed, 15 Aug 2001, David Jencks wrote:
>
> > Hi,
> >
> > This discussion comes up in various places on various lists. Since you
> > don't mention otherwise I assume you are planning to decrypt in code
> > without manual intervention. As I understand the consensus is, Don't
> do
> > this. You need some code to unencrypt the password to send it to the
> db,
> > if someone can find your jboss.jcml file they can find the unencryption
> > code. Thus you have implemented only security by obscurity and only
> > succeeded in making life harder for the users and probably given them a
> > false sense of security, encouraging carelessness that a determined
> hacker
> > can exploit.
> >
> > Secrets and Lies by Bruce Schneier is fun to read and explains this
> really
> > well.
> >
> > If you want more security yet don't want to give each user their own
> > password and have per-subject pools, how about writing a
> > ConnectionFactoryLoader that pops up a password dialog on startup ( in
> > initService). It's inconvenient, but at least it doesn't try to fool
> > people into thinking their passwords are hidden. Of course, it could
> be
> > hard to figure out where to pop up the dialog...
> >
> > How about simply encrypting all of jboss.jcml say using pgp and
> requiring a
> > manually entered password to unencrypt to start jboss?
> >
> > In any case if you wish to modify the datasource loading procedure I
> > suggest you work on the jca resource adapter version since
> > {XA|JDBC}DataSourceLoader will not really exist in rh. (they will set
> up
> > connectionFactoryLoader mbeans).
> >
> > david jencks
> >
> > On 2001.08.14 19:12:14 -0400 "Ferguson, Doug" wrote:
> > > What do you guys think about implemented a version of the DataSource
> > > loader
> > > that
> > > allows for encrypted passwords?
> > >
> > > I am required to use encrypted db passwords..
> > > And I was thinking that even if I encrypt once I write the jboss.jcml
> > > It is now clear text again..
> > >
> > > d.
> > >
> > > _______________________________________________
> > > Jboss-development mailing list
> > > [EMAIL PROTECTED]
> > > http://lists.sourceforge.net/lists/listinfo/jboss-development
> > >
> > >
> >
> > _______________________________________________
> > Jboss-development mailing list
> > [EMAIL PROTECTED]
> > http://lists.sourceforge.net/lists/listinfo/jboss-development
> >
>
>
> _______________________________________________
> Jboss-development mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-development
>
>
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
