thanks for the quick reply! i'll try and clarify my situation. yes, this seems to be an EXTREMELY non standard request, and against a lot of what i believe to be so great about J2EE, but trying to appease some very difficult people.
our current setup is that an application is deployed with an ldap security domain, so when a user accesses a web page, they'll be prompted for a username/password, and be logged in. from there, calling a stateless session bean to make the database connection and return certain results. the SLSB is looking up a datasource with a configured url/username/password to connect to the database. since the connection is made through this generic account, and records modified will show "generic user" as the audit user instead of the logged in person. is there any way to propogate the security credentials that the user logged in with to that database connection? i've been reading about oracles ability to use a "proxy authentication" to have one database connection but several individual sessions within that connection. when an insert/update/delete occurs, it happens within that session, and the audit user will reflect that. you lost me with the CallerIdentityLoginModule. what does that do again (how does jboss use it)?? we're currently using jboss 2.4.6 w/ tomcat 4.0.1 and planning on upgrading sometime soon, so if this feature exists only in 3.0.x we'll definately be moving up ASAP. Ryan J. Sonnek Brown Printing Company IT Programmer/Analyst (507) 835-0803 <mailto:[EMAIL PROTECTED]> -----Original Message----- From: David Jencks [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 05, 2002 12:35 PM To: [EMAIL PROTECTED] Subject: Re: [JBoss-user] oracle proxy authentication This seems like a rather non standard feature. As I understand it from your description you can use the same database connection under several security identities? What calls do you need to make to establish the identity? How do you plan to use this in a j2ee environment? In jboss 3, it is already possible with any jdbc driver to get database connections using a variety of security identities, by using an appropriate login module. We supply a CallerIdentityLoginModule that provides the actual user/pw from application login to the database, and a ConfiguredIdentityLoginModule that always supplies the same user/pw. I have some parts of a mapping login module that looks up in a db table the db user/pw to use for each application user. Please explain how you want to use this Oracle feature. thanks david jencks ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
