EJB3.0 Entities and database password control

---

• From: Alistair <this.is.a.spambucket@xxxxxxxxx>
• Date: Mon, 11 Jun 2007 11:03:29 -0000

---

Hello all,

I've recently started working with EJB3.0 and have been rather
impressed by the apparent simplicity that the use of entity beans
bring to persistence etc... but then, I am a recent refugee from the
world of Ada programming, so to be honest, everything seems remarkably
hassle-free... ;).

I'm using OC4J (Java Edition) as my J2EE container, with Oracle XE as
the backend database. I've been using JDeveloper as my IDE and have
found it very straightforward to get a simple application up and
running which searches and updates the database through the use of a
single database user.

However, what I want to do now is tighten up the database security a
bit. Rather than a single database user, I want to have one of the
following situations:

- one database user per application role (e.g. database users called
"admin", "user", etc.); OR
- one database user per application user (e.g. database users called
"bob", "fred", "tom",... each with their own permissions).

The database side of things are fairly straightforward, but I'm not
clear as to how I can get my entities working in this way. At the
moment I'm using (I think) a container managed data source and so the
connection between my entities and the database happens as if by
magic.

Presumably, in order to have different users accessing the database in
different ways, I need to do something a little more manual. I'm
guessing that I need to indicate to the entity manager, somehow, that
a particular username should be used when connecting to the database.

I realise that this is probably quite a large topic, but any pointers
to appropriate documentation would be appreciated as, at this point,
I'm not even sure where to start looking.

Many thanks,


Alistair.

.

---

• Prev by Date: [HIBERNATE] Problems with inserting and updating
• Next by Date: JDBC commit problem
• Previous by thread: [HIBERNATE] Problems with inserting and updating
• Next by thread: JDBC commit problem
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: securityadmin ... add the database user to db_datareader, ... fixed server role Security Administrators. ... I can go ahead and add that login as a database user and add them ... (microsoft.public.sqlserver.security) Re: SQL Users (Basic Question)? ... A login is stored in the master database. ... ability to connect to the SQL Server. ... A database user allows a login to use a particular database and the entry is ... (microsoft.public.sqlserver.security) RE: Question from Assessment ... Database User, Database Role, and Application Role. ... then the answer would be a Database User and/or and Application Role. ... You are the senior database administrator for a personnel management ... The company recently upgraded all servers running SQL Server 2000 to SQL ... (microsoft.public.sqlserver.security) Re: SecurityAdmin server role ... Add that login to that partcular database as a database user and assign ... SQL Server MVP ... (microsoft.public.sqlserver.security) Re: ADO Connection Timeout ... so what happens when a connection failure forces one station to revert ... to a local database? ... Further, you *will* have contention issues, Jet does not support record ... to the central server, but you are willing to live with periods where it ... (microsoft.public.data.ado)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)