Subject | Re: [IB-Java] Direct Client and authentication |
---|---|
Author | David Jencks |
Post date | 2001-12-04T17:44:31Z |
This is very good, you are finding all the little hacks I put in and forgot
to go back and fix ;-)
I will have to spend a little time looking into this.
What I thought was happening...
your app asks (FB)DataSource for a connection
ConnectionManager figures out (from PrincipalMappingProperties and
PrincipalMapping) who you are, and constructs a Subject.
ConnectionManager calls mcf.createManagedConnection, with this subject.
This subject is used to attach to the db.
--------------
Ignoring the subject and cri in getConnection is not so good, but... the
connection is already established then. In this case we could either check
that the subject is the same as the original one for the connection, or...
since the physical connections are not in 1-1 correspondence to the
ManagedConnections, so any ManagedConnection can handle work on any
transaction, we could look for/create a physical connection with the
correct subject and use it.
I don't have time right now to investigate this as much as I would like.
Let me know if you come up with anything.
Thanks
david jencks
to go back and fix ;-)
I will have to spend a little time looking into this.
What I thought was happening...
your app asks (FB)DataSource for a connection
ConnectionManager figures out (from PrincipalMappingProperties and
PrincipalMapping) who you are, and constructs a Subject.
ConnectionManager calls mcf.createManagedConnection, with this subject.
This subject is used to attach to the db.
--------------
Ignoring the subject and cri in getConnection is not so good, but... the
connection is already established then. In this case we could either check
that the subject is the same as the original one for the connection, or...
since the physical connections are not in 1-1 correspondence to the
ManagedConnections, so any ManagedConnection can handle work on any
transaction, we could look for/create a physical connection with the
correct subject and use it.
I don't have time right now to investigate this as much as I would like.
Let me know if you come up with anything.
Thanks
david jencks
On 2001.12.04 11:26:21 -0500 "Goedhart, Andrew" wrote:
> Carrying on from the discussion yesterday, David thanks for you comments
> By the way the reason for no CVS acces other then HTMl is that I am
> behind
> a firewall and the IS department has blocked the CVS port and is not
> allowing socks tunneling as far as I can tell they have only opened up
> Html
> and FTp ports, no news groups either.
>
> Got the connect working just had to get a valid user up and running
> (currently hard coded but now we have the next problem.
>
> Seems like we are not even using the supplied credentials even when
> connecting to the database. Can someone with a linux system change the
> credential in the firebird-services.xml file to garbage and tell me if it
> still works. I think we have a trusted linux connection which is why it
> works.
>
> The code that I suspect is causing the problem is the following
>
> public java.lang.Object getConnection(Subject subject,
> ConnectionRequestInfo cxRequestInfo)
> throws ResourceException {
>
> //subject currently ignored
> //cxRequestInfo currently ignored.
> FBConnection c = new FBConnection(this);
> connectionHandles.add(c);
> return c;
> }
>
> However when I put loggin in the about statement the code is called only
> after the first attempt to logiinto the database ???
>
> Can anyone tell me the sequence of events that surround allocating a
> connection I.e. Where Can I get a valid user anme and password.
>
> By the way there is no user name and password in the connection request
> object passed to isc_attach..... if you try do a getUser it returns NULL
>
> Andrew
>
>
> To unsubscribe from this group, send an email to:
> IB-Java-unsubscribe@egroups.com
>
>
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>
>
>
>
>