my dog learned polymorphism
The moose likes Tomcat and the fly likes Connect to db Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Connect to db" Watch "Connect to db" New topic

Connect to db

Isaac Mcmahnus

Joined: Jan 08, 2007
Posts: 16
I'm trying to connect my web application and pages to a db2 database on a unix system.

Right now i can connect using JDBC, my username, password and so on after loggin on using j_security_check.

But it's accessing tomcat-users.xml or whatever.. That's great and all and it works, but I need a way for the database connection to relate to the user's who sign in or not, not by my database connection and authentication.

Some users have access to the DB, while others might not...

I have to figure out a way where after a User signs into the secure part of the website, those username and passwords get stored or are used for the JDBC connection when they click on a table or report that needs to get info or store info in the DB2 Database.

Right now I hardcoded my user name, password and so on in the JDBC connection just to get it to work. I get reports back, can update things and so on. I was playing around with JNDI, but since I'm not the server admin and they haven't always been "tech" or helpful, i'm not sure if that's the best option.

But I need a way for the usernames and passwords to somehow be used as the "username" and "password" part of the jdbc connection. Instead of my username and password.

Jan Cumps

Joined: Dec 20, 2006
Posts: 2565


This is not available in Tomcat.

You would have to write your own Realm implementation to get this functionality.
The JDBC realm available in Tomcat is implemented by class org.apache.catalina.realm.JDBCRealm.

This class looks up the connect parameters in the Tomcat configuration, and connects to the database to verify the user's credentials.

Your class would have to use these credentials, and use them to make the connection.

Once you start with digested passwords, you don't even have a mechanism to retrieve the user's password.

Regards, Jan

OCUP UML fundamental and ITIL foundation
Jeanne Boyarsky
author & internet detective

Joined: May 26, 2003
Posts: 33113

Welcome to JavaRanch!

I'm going to move this to our Tomcat forum for you so you can get more help.

[OCA 8 book] [Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2
I agree. Here's the link:
subject: Connect to db
It's not a secret anymore!