To Configure a JDBC Realm

Enterprise Server enables you to specify a user's credentials (user name and password) in the jdbc realm instead of in the connection pool. Using the jdbc realm instead of the connection pool prevents other applications from browsing the database tables for user credentials.

By default, storage of passwords as clear text is not supported in the jdbc realm. Under normal circumstances, passwords should not be stored as clear text.

1. Create the database tables in which to store user credentials for the realm.

   How you create the database tables depends on the database that you are using.

2. Add user credentials to the database tables that you created.

   How you add user credentials to the database tables depends on the database that you are using.

3. Create a jdbc realm.

   For instructions, see To Create an Authentication Realm.

4. Modify the deployment descriptor to specify the jdbc realm.

   Modify the deployment descriptor that is associated with your application.

   For more information about how to specify a realm, see How to Configure a Realm in Sun GlassFish Enterprise Server v3 Prelude Developer’s Guide.

5. Assign security roles to users in the realm.

   To assign a security role to a user, add a security-role-mapping element to the deployment descriptor that you modified.

Example 7–4 Assigning a Security Role

The following example shows a security-role-mapping element that assigns the security role Employee to user Calvin:

<security-role-mapping>
    <role-name>Employee</role-name>
    <principal-name>Calvin</principal-name>
  </security-role-mapping>