OK, A little more info. I'm developing RESTful services in a Tomcat 7 container. I'm probably going to use Jersey for the REST and Guice for injection - but I'm not committed to these frameworks just yet, I will use something else if it plays better with OrientDB.
I'm adding an OrientGraph instance to each request using the filter pattern given in https://code.google.com/p/orient/wiki/JavaWebApps. I'm using the OrientGraph constructor though: OrientGraph graph = new OrientGraph(dbUrl, username, password); and cleaning up when the filter returns with: graph.shutdown(); This is because I want to make use of the record level security [ https://github.com/orientechnologies/orientdb/wiki/Security </> ] as it seems like such an elegant solution to the problem of insecure direct object references. [ https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References </> ] Factory methods like acquire() and getTx() don't allow me to use different authentication values each time, so I would end up having to write my own security model all over again (why re-invent the wheel?) I planned to use container-managed authentication, so I am creating an OrientDB Realm [ http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html </> ] which will look up OUser and ORule records using with a global read-only account. (Probably just, "reader".) I would like, eventually, to be able to configure things like clustering, backup, remote access ports for administration, logging, pools, caches, etc... at an application-wide level. This presumably should be done before I create any OrientGraph instances. I can find suitable hooks in Tomcat to make sure this happens in a timely fashion. But where are the correct hooks in OrientDB? On Thursday, 10 July 2014 03:33:22 UTC+12, Andrey Kovalev wrote: > > In my opinion developers of OrientDB won't be able to advice you what to > do. Also you provided not too much information about your environment. > Do you use any framework? Do you use any web server and etc? > > Let's say you have Tomcat only and you use servlets. I would initialize > OrientDB database pool in application initialization/deployment listener > and put it into application context. And then in your DAOs I will call > getTx() or aquire() each time. Something like this. > > -- --- You received this message because you are subscribed to the Google Groups "OrientDB" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
