Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Work like you don't need the money. Love like you've never been hated. Dance like nobody's watching. Sing like nobody's listening. Live like it's Heaven on Earth.
Currently I Reside Here WEBlog
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
[OCP 17 book] | [OCP 11 book] | [OCA 8 book] [OCP 8 book] [Practice tests book] [Blog] [JavaRanch FAQ] [How To Ask Questions] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Originally posted by Ahsan Jamil:
In order to write a Session Listener, after writing Listener class, is it necessary to add <listener> info in web.xml.
And Do i need to add filters as well in my application because Iv read somewhere that the <listener> element must directly follow the <filter> and <filter-mapping> elements and directly precede the <servlet> element.
Originally posted by David O'Meara:
When asked for a Connection, the user must provide a session ID and the broker provides a connection for this session and caches it internally.
When the session expires (as notified by a listener), the connection is closed and removed from the internal cache.
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Originally posted by David O'Meara:
another solution (a variation on kolkata's above) is to have a general Connection pool, but decorate it with roles.
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Originally posted by Ahsan Jamil:
If i'll creat ea pool like that, then if user A of role X will demand a connection, he will get connection of that specific role but when user B of role Y will demand same connection from pool, that pooled connection cant serve because it has created on the basis of role X.
And I cannt force DBA to change role because its a legacy system.
Originally posted by Ahsan Jamil:
But what will happen if user will close his browser ? SessionListener cannt do anything in that case, and it'll not raise any event. And it'll let Database Connection unclosed.
Thanks & regards, Srini
MCP, SCJP-1.4, NCFM (Financial Markets), Oracle 9i - SQL ( 1Z0-007 ), ITIL Certified
Originally posted by Adeel Ansari:
No dont change the role buddy. Well, if user B needs role X and assigned role is Y, it means he/she need some privileges in role X. So just revoke that role Y and assign him/her role X. And if he/she needs both the roles several times then assign both the roles X and Y to user B. But then keep in mind you have to make it many to many relationship between users and role.
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Originally posted by David Harkness:
Your tables would be queried to determine which pool to use for that user and store its identifier in the user's session.
Originally posted by Adeel Ansari:
Ahsan,
No I am not saying to assign a new role or revoke an existing role at runtime. I was saying that if user B needs role which is not assigned to him/her. Then he/she needs to make the request to admin that please I need this kinda privileges. But now its something else, because I misunderstood your point.
Infact, I haven't got you still. How can User B, with role DATAUSER, gets the connection as DATAADMIN. At the time of authentication you are checking username, password and the role. So, just give him/her the connection from that role-specific pool. Moreover, for authentication use a general connection.
Are you getting me?
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Originally posted by Ahsan Jamil:
Yes i got it, but I'll have approx 15-20 roles wich means iv 2 write so many role-specific pools? does it make sense?
Regards,<br /> <br />Ahsan Jamil<br />SCJP, SCWCD, IBM OOAD
Then it sounds to me like your choices are limited. You need to create a separate pool for each role or roll your own pool that tracks the role for each connection and makes them available based on role.Originally posted by Ahsan Jamil:
Yes! Connection Pooling is definitely required because of load on system, but still maintaining role based auth is priority
Consider Paul's rocket mass heater. |