On 10/11/2010 21:42, Christopher Schultz wrote: > To be explicit, if I want a class (say, DbStuff) to be able to make a > database connection yet prevent other classes from doing so, I need to > do something like this: > > public class DbStuff > { > protected Connection getConnection() > { > Connection conn = null; > > AccessController.doPrivileged(new PrivilegedAction<Connection>() { > public Connection run() > { > DataSource ds = // get from JNDI > return ds.getConnection(); > } > }); > } > > public List<Person> getPeople() > { > Connection conn = null; > > try { > conn = getConnection(); > > // SELECT * FROM people > > return people; > } > } > } > > public class MyTest > { > public static void main(String[] args) > { > new DbStuff().getPeople(); > } > } > > So, if I give access to "connect", etc. in my policy file to the DbStuff > class, then DbStuff can use it's own getConnection method to obtain > database connections, but MyTest would be unable to, say, use > DriverManager to create a new connection to the database. Do I have that > right?
You do, but... The way DbStuff is written I could extend it and call the protected getConnection() method directly. You should probably make that method private. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org