This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
Does anybody know how I can create a jdbc realm and a jdbc property file for the database connection so that... I am using eclipse and when I created a dynamic web application and deploy it. It deploys it as a war file. But if I give the war file to a friend that has access to my database.
How can the war file contain the jdbc realm files need for security. The web.xml has all the user roles in it but they won't work without the jdbc realm stuff.
Basically we are working on this big web application project using svn. But without each person setting up the realm on their web server they won't beable to run it with the security when they deploy the war file.
It would help if you would clue us in as to what application server you are using. For example, I'm using Weblogic on a project. It has a script interface called wlst (Weblogic Scripting Tool) that we use to import and export lists of users between realms.
I am using jetty 6.1.9 with eclipse-reporting-ganymede-win32. Basically I downloaded the jetty connector so that I can create a jetty server under the server browser. etc etc...
It runs it fine and works fine. But I am worried about other people trying to run it in their web server. Sure the War file will deploy to their webapps folder and they can use eclipse to run the web application in their environment but My web.xml file (which is in the war file) has security roles which use jdbc realm.
But the only way to create jdbc realms was either adding an Item to the UserRealms xmls tag in the etc\jetty.xml file WHICH WAS NEVER PART OF THE WAR FILE! Or Putting a xml configuration file in the jetty configuration folder. AGAIN NOT PART OF THE WAR FILE.
The only other thing I can think of is putting a jetty-web.xml file in the WEB-INF of the war file. But then I have the problem of if somebody takes the war file to a Tomcat server they have to setup up the security all over again.
I just thought their would be away of using jdbc realm stuff with in war files.
Originally posted by Sam Doder: I just thought their would be away of using jdbc realm stuff with in war files.
I'm not aware of any way to do it within the J2EE specification. The authors of the spec like to give containers a lot of latitude in their implementation once you get away from the application code. My advice would be to look into scripting the realm setup somehow and hand that over in addition to your WAR.