[JBoss-user] [Security & JAAS/JBoss] - Datase Security Schema and JAAS

[alvarommz]

Hello Mr. Scott Stark

I am new to Jboss security schemas, and I have read several guides that come 
along with JBoss and EJB3.

As far as I´ve read I understand that the Jboss Security Schema is appart from 
the persistence database schema itself, that is to say, we know database 
engines like Oracle and Sql Server (the ones I have currently  in use), they 
have their own security schema where they allow the dba define users, passwords 
and roles. 

My question is, whether there is a way to, kind of, bind the database´s own 
secutiry schema to the Jboss application, such that users and passwords form 
the very DB can be used and users can authenticate with them.

I would like you to show me How it could be done on the loging pagaes, web 
page, the servlet and the session and entity beans (EJB3 of course). 

On the other hand, when I defined the -ds.xml descriptor to configure the 
oracle / sql server conection for the appl, I included the password component 
in it, as shown in the next fragment of code:

  | <datasources>
  |   <xa-datasource>
  |     <jndi-name>CellDomDS</jndi-name>
  |     <track-connection-by-tx>true</track-connection-by-tx>
  |     <isSameRM-override-value>false</isSameRM-override-value>
  |     
<xa-datasource-class>oracle.jdbc.xa.client.OracleXADataSource</xa-datasource-class>
  |     <xa-datasource-property 
name="URL">jdbc:oracle:thin:@localhost:1521:orcl</xa-datasource-property>
  |     <xa-datasource-property name="User">CellDom</xa-datasource-property>
  |     <xa-datasource-property name="Password">Admin</xa-datasource-property>
  |     
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter</exception-sorter-class-name>
  | 
  |     <!-- Oracles XA datasource cannot reuse a connection outside a 
transaction once enlisted in a global transaction and vice-versa -->
  |     <no-tx-separate-pools/>
  |       <!-- corresponding type-mapping in the standardjbosscmp-jdbc.xml 
(optional) -->
  |       <metadata>
  |          <type-mapping>Oracle9i</type-mapping>
  |       </metadata>
  |   </xa-datasource>
  | 
  | . 

My issue concerning this is, Is there a way to avoid showing a Password in this 
configuration in order to avoid possible security breaks. (something like tell 
the Appl Server to ask for this password instead of including it as part of the 
persistence configuration).

The fact is as of yet I am developing two applications, one using Oracle 10g as 
persistence domain and the other using SqlServer 2000 as persistence Domain, 
and I need to let users for both appls, to login using ther users/passwords 
they were assigned in the corresponding Databases.

Thank you in advance.
Alvaro E Martinez
[EMAIL PROTECTED]

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3907221#3907221

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3907221


-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc.  Get Certified Today
Register for a JBoss Training Course.  Free Certification Exam
for All Training Attendees Through End of 2005. For more info visit:
http://ads.osdn.com/?ad_idv28&alloc_id845&op=click
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user