Java Reference
In-Depth Information
A database provides an easy way to add, edit, or delete users at runtime and enables users
to create their own accounts without any administrative assistance. Using a database also
has an additional benefit, providing a place to securely store any extra user information.
A realm can be thought of as a database of user names and passwords that identify valid
users of a web application or set of web applications with an enumeration of the list of
roles associated with each valid user. Access to specific web application resources is gran-
ted to all users in a particular role, instead of enumerating a list of associated users. A user
name can have any number of roles associated with it.
Two of the tutorial case studies,
Chapter 26
,
“
Duke's Tutoring Case Study Example
,” and
Chapter 27
,
“
Duke's Forest Case Study Example
,
” use the JDBC realm for user authentic-
ation. Where appropriate, reference will be made to one or both of these examples.
To Configure a JDBC Authentication Realm
GlassFish Server enables administrators to specify a user's credentials (user name and
password) in the JDBC realm instead of in the connection pool. This prevents other ap-
plications from browsing the database tables for user credentials. By default, storing pass-
words as clear text is not supported in the JDBC realm. Under normal circumstances, pass-
words should not be stored as clear text.
1. Create the database tables in which user credentials for the realm will be
stored.
How you create the database tables depends on the database you are using. Duke's
Forest uses an Ant task,
create-tables
, in the
build.xml
file for the Entit-
ies project.
The task executes an SQL script,
create.sql
, that creates the
FOREST.PERSON
,
FOREST.GROUPS
, and
FOREST.PERSON_GROUPS
data-
base tables, as shown below:
CREATE TABLE "FOREST"."PERSON"
(
ID int NOT NULL PRIMARY KEY GENERATED ALWAYS AS IDENTITY
(START WITH 1, INCREMENT BY 1),
FIRSTNAME varchar(50) NOT NULL,
LASTNAME varchar(100) NOT NULL,
EMAIL varchar(45) NOT NULL UNIQUE,
ADDRESS varchar(45) NOT NULL,
CITY varchar(45) NOT NULL,
PASSWORD varchar(100),
DTYPE varchar(31)
