On Tuesday, August 10, 1999 5:27 PM, Rod McChesney [SMTP:[EMAIL PROTECTED]]
wrote:
> jon * wrote:
> >
> > > Yes, I know I could do things with connection pooling, but I want
different
> > > users logged in as their real user ids, not using a dummy user
everyone
> > > uses.
> >
> > Huh? that statement makes no sense.
>
> Actually, it makes lots of sense. If you are using a database's own
> security setup, allowing and denying table access by roles or users,
> then connection pools won't work. You need a separate connection for
> each user.
>
> Whether that's a good idea or not is a separate question, but it's
> quite common in IS environments to use database security so that
> applications can't subvert the privileges the DBA assigns.
>
> Rod McChesney, Korobra
>
We do something similar but do use a connection pool. The pool just
accepts userid/password as parameters to getConnection and returns a
connection for that userid. A background thread shuts down connections
that exceed some maximum idle time.
Regards,
Bob
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
