Good Evening Leo-
i would suggest using the Digest class (over command line calculation of Password) http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#Digested%20Passwords HTH Martin Gainty ______________________________________________ Relayers are requested to not disrupt or alter this transmission. > From: leodona...@mail.maricopa.gov > To: users@tomcat.apache.org > Date: Wed, 24 Mar 2010 10:28:52 -0700 > Subject: RE: Connecting to a Database > > Thanks everyone. I understand this better. > > I know you can specify digest for a Realm, but I don't see where I can do > that for a Resource. Do I need to leave the password of "javadude" in the > Resource in clear text, or can it be a digested version of "javadude" in > clear text in the Resource element? > > The SQL table of user passwords will be in digest, but I wasn't sure if I > could use a digested password as part of the configuration for the account > that connects to the "authstore" database. > > Leo > > -----Original Message----- > From: Christopher Schultz [mailto:ch...@christopherschultz.net] > Sent: Wednesday, March 24, 2010 8:56 AM > To: Tomcat Users List > Subject: Re: Connecting to a Database > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Leo, > > On 3/24/2010 11:43 AM, Leo Donahue - PLANDEVX wrote: > > No, not sure. That is what I was confused about. > > JDBC Realm, vs JNDI DataSourceRealm, vs JDBC DataSource > > A Realm is something Tomcat uses for authentication. A DataSource is an > object which hands out database connections. The use of JDBC vs. JNDI is > really just about how the connections are obtained: JDBCRealm manages its own > JDBC connection (and is heavily synchronized, as Mark mentions: > don't use it). DataSourceRealm uses a DataSource obtained via JNDI and > configured via a <Resource> element. There is no JDBCDataSource that I know > of. > > Recommended setup (IMHO): configure everything in META-INF/context.xml and > use DataSourceRealm. No need to configure anything in server.xml and no need > to configure anything at the OS level (as Mark mentioned, that's ODBC). > > > Assuming I have the correct tables in the database named "authstore", does > > this look right? > > > > ** in server.xml ** > > <Realm className="com.microsoft.sqlserver.jdbc.SQLServerDriver" > > className should be org.apache.catalina.realm.DataSourceRealm > > > dataSourceName="jdbc/authority" > > userTable="users" userNameCol="user_name" userCredCol="user_pass" > > userRoleTable="user_roles" roleNameCol="role_name"/> > > Ok. > > > ** in META-INF/context.xml of specific webapp ** > > <resource-ref> > > <description>DB Connection</description> > > <res-ref-name>jdbc/authority</res-ref-name> > > <res-type>javax.sql.DataSource</res-type> > > <res-auth>Container</res-auth> > > </resource-ref> > > This is actually stuff for web.xml, though it is not required if you have > your <Resource> defined in META-INF/context.xml. > > > ** also in META-INF/context.xml file? ** > > <Resource name="jdbc/authority" auth="Container" type="javax.sql.DataSource" > > username="javauser" password="javadude" > > driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver" > > url="jdbc:sqlserver://localhost;database=authstore"/> > > Looks good to me. Make sure your JDBC driver JAR file is in CATALINA_BASE/lib > and nowhere else. > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkuqNfkACgkQ9CaO5/Lv0PAgQwCgt7UySAU4hOcZzw4oGFlEqeqM > l3EAoJt8ySaQRmKKwVZbS8NytPs8HfqZ > =ou3q > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > _________________________________________________________________ Hotmail has tools for the New Busy. Search, chat and e-mail from your inbox. http://www.windowslive.com/campaign/thenewbusy?ocid=PID27925::T:WLMTAGL:ON:WL:en-US:WM_HMP:032010_1
