|
| |
| Sun Java System Access Manager 6 2005Q1 Administration Guide | |
Chapter 23
JDBC Authentication AttributesThe JDBC (Java Database Connectivity) Authentication attributes are organization attributes. The values applied to them under Service Configuration become the default values for the JDBC Authentication template. The service template needs to be created after registering the service for the organization. The default values can be changed after registration by the organization’s administrator. Organization attributes are not inherited by entries in the organization. The JDBC Authentication attributes are:
Connection Type
This field specifies the connection type to the SQL database, using either a JNDI (Java Naming and Directory Interface) connection pool or JDBC driver. The options are as follows:
The JNDI connection pool utilizes the configuration from the underlying web container.
Connection Pool JNDI Name
If JNDI is selected in Connection Type, this field specifies the connection pool name. Because JDBC authentication uses the JNDI connection pool provided by the web container, the setup of JNDI connection pool may not be consistent among other web containers.
The following example shows how to set up a connection pool for Web Server and MySQL 4.0:
- In the Web Server console, create a JDBC connection pool with the following attributes:
poolName: samplePool
DataSource Classname: com.mysql.jdbc.jdbc2.optional.MysqlDatacSource
serverName: server name of the mySQL server
port: port number on which mySQL server is running
user: user name of the database
password: password of the user
databaseName: database name
Note
The jar file which contain the DataSource class and the JDBC Driver class mentioned in the following steps should be added to the application class path.
- Configure the JDBC Resources. In the Web Server console, create a JDBC resource with the following attributes:
JNDI name: jdbc/samplePool
Pool name: samplePool
Data Resource Enabled: on
- Add the following lines to the sun-web.xml file of the application:
<resource-ref>
<res-ref-name>jdbc/mySQL</res-ref-name>
<jndi-name>jdbc/samplePool</jndi-name>
</resource-ref>
- Add the following lines to the web.xml file of the application:
Once you have completed the settings.the value for this attribute is as follows:
java:comp/env/jdbc/mySQL
JDBC Driver
If JDBC is selected in Connection Type, this field specifies the JDBC driver provided by the SQL database. For example:
com.mysql.jdbc.Driver
JDBC URL
This field specifies the database URL if JDBC is select in Connection Type. For example, the URL for mySQL is:
jdbc.mysql://hostname:port/databaseName
User to Connect to Database
This field specifies the user name from whom the database connection is made for the JDBC connection.
Password to Connect to Database
The field defines the password for the user specified in User to Connect to Database.
Password to Connect to Database (Confirm)
Confirm the password.
Password Column in Database
This field specifies the password column name in the SQL database.
Prepared Statement
This field specifies the SQL statement that retrieves the password of the user that is logging in. For example:
select Password from Employees where USERNAME = ?
Class to Transform Password Syntax
This attribute specifies the class name that transforms the password retrieved from the database, to the format of the user input, for password comparison. This class must implement the JDBCPasswordSyntaxTransform interface.
Authentication Level
The authentication level is set separately for each method of authentication. The value indicates how much to trust an authentication. Once a user has authenticated, this value is stored in the SSO token for the session. When the SSO token is presented to an application the user wants to access, the application uses the stored value to determine whether the level is sufficient to grant the user access. If the authentication level stored in an SSO token does not meet the minimum value required, the application can prompt the user to authenticate again through a service with a higher authentication level. The default value is 0.