The Java Database Connectivity (JDBC) authentication module allows Federation Manager to authenticate users through any Structured Query Language (SQL) databases that provide JDBC-enabled drivers. The connection to the SQL database can be either directly through a JDBC driver or through a JNDI connection pool. The attributes are:
Specifies the connection type to the SQL database, using either a JNDI (Java Naming and Directory Interface) connection pool or JDBC driver. The options are:
Connection pool is retrieved via JDNI
Non-persistent JDBC connection
The JNDI connection pool utilizes the configuration from the underlying web container.
If JNDI is selected in Connection Type, this field specifies the connection pool name. Because JDBC authentication uses the JNDI connection pool provided by the web container, the setup of JNDI connection pool may not be consistent among other web containers. See the Sun Java System Access Manager 7 2005Q4 Administration Guide for examples.
If JDBC is selected in Connection Type, this field specifies the JDBC driver provided by the SQL database. For example, com.mysql.jdbc.Driver.
Specifies the database URL if JDBC is select in Connection Type. For example, the URL for mySQL is jdbc.mysql://hostname:port/databaseName.
Specifies the user name from whom the database connection is made for the JDBC connection.
Defines the password for the user specified in User to Connect to Database.
Confirm the password.
Specifies the password column name in the SQL database.
Specifies the SQL statement that retrieves the password of the user that is logging in. For example:
select Password from Employees where USERNAME = ?
Specifies the class name that transforms the password retrieved from the database, to the format of the user input, for password comparison. This class must implement the JDBCPasswordSyntaxTransform interface.
The authentication level is set separately for each method of authentication. The value indicates how much to trust an authentication mechanism. Once a user has authenticated, this value is stored in the SSO token for the session. When the SSO token is presented to an application the user wants to access, the application uses the stored value to determine whether the level is sufficient to grant the user access. If the authentication level stored in an SSO token does not meet the minimum value required, the application can prompt the user to authenticate again through a service with a higher authentication level. The default value is 0.
If no authentication level is specified, the SSO token stores the value specified in the Core Authentication attribute Default Authentication Level.