Sun and OracleChannel SunHow to BuyLog InEnglish

Sun OpenSSO Enterprise 8.0 Administration Reference
  Search only this book
Search Help
Contained Within
Find More Documentation
Featured Support Resources
 Download this book in PDF (2539 KB)

JDBC

The Java Database Connectivity (JDBC) authentication module allows OpenSSO Enterprise to authenticate users through any Structured Query Language (SQL) databases that provide JDBC-enabled drivers. The connection to the SQL database can be either directly through a JDBC driver or through a JNDI connection pool. The JDBC attributes are realm attributes. The attributes are:

Connection Type

Specifies the connection type to the SQL database, using either a JNDI (Java Naming and Directory Interface) connection pool or JDBC driver. The options are:

  • Connection pool is retrieved via JNDI

  • Non-persistent JDBC connection

The JNDI connection pool utilizes the configuration from the underlying web container.

Connection Pool JNDI Name

If JNDI is selected in Connection Type, this field specifies the connection pool name. Because JDBC authentication uses the JNDI connection pool provided by the web container, the setup of JNDI connection pool may not be consistent among other web containers. See the OpenSSO Enterprise Administration Guide for examples

JDBC Driver

If JDBC is selected in Connection Type, this field specifies the JDBC driver provided by the SQL database. For example, com.mysql.jdbc.Driver. The class specified by JDBC Driver must be accessible to the web container instance on which OpenSSO has been deployed and configured. Include the .jar file that contains the JDBC driver class in the OpenSSO-deploy-base/WEB-INF/lib directory.

JDBC URL

Specifies the database URL if JDBC is select in Connection Type. For example, the URL for mySQL is jdbc.mysql://hostname:port/databaseName.

Connect This User to Database

Specifies the user name from whom the database connection is made for the JDBC connection.

Password for Connecting to Database

Defines the password for the user specified in User to Connect to Database.

Password for Connecting to Database Confirm

Confirm the password.

Password Column String

Specifies the password column name in the SQL database.

Prepared Statement

Specifies the SQL statement that retrieves the password of the user that is logging in. For example:


 select Password from Employees where USERNAME = ?

Class to Transform Password Syntax

Specifies the class name that transforms the password retrieved from the database, to the format of the user input, for password comparison. This class must implement the JDBCPasswordSyntaxTransform interface.

By default, the value of this attribute is com.sun.identity.authentication.modules.jdbc.ClearTextTransform which expects the password to be in clear text.

Authentication Level

The authentication level is set separately for each method of authentication. The value indicates how much to trust an authentication mechanism. Once a user has authenticated, this value is stored in the SSO token for the session. When the SSO token is presented to an application the user wants to access, the application uses the stored value to determine whether the level is sufficient to grant the user access. If the authentication level stored in an SSO token does not meet the minimum value required, the application can prompt the user to authenticate again through a service with a higher authentication level. The default value is 0.

Note –

If no authentication level is specified, the SSO token stores the value specified in the Core Authentication attribute Default Authentication Level.

ProcedureTo Configure a Connection Pool — Example

The following example shows how to set up a connection pool for Web Server and MySQL 4.0:

  1. In the Web Server console, create a JDBC connection pool with the following attributes:

    poolName

    samplePool

    DataSource Classname

    com.mysql.jdbc.jdbc2.optional.MysqlDatacSource

    serverName

    Server name of the mySQL server.

    port

    Port number on which mySQL server is running.

    user

    User name of the database password.

    password

    The password of the user.

    databaseName

    The name of the database.

    Note –

    The jar file which contain the DataSource class and the JDBC Driver class mentioned in the following steps should be added to the application class path

  2. Configure the JDBC Resources. In the Web Server console, create a JDBC resource with the following attributes:

    JNDI name

    jdbc/samplePool

    Pool name

    samplePool

    Data Resource Enabled

    on

  3. Add the following lines to the sun-web.xml file of the application:

    <resource-ref>
      <res-ref-name>jdbc/mySQL</res-ref-name>
      <jndi-name>jdbc/samplePool</jndi-name>
</resource-ref>

  4. Add the following lines to the web.xml file of the application:

    <resource-ref>
       <description>mySQL Database</description>
       <res-ref-name>jdbc/mySQL</res-ref-name>
       <res-type>javax.sql.DataSource</res-type>
       <res-auth>Container</res-auth>
</resource-ref>

  5. Once you have completed the settings the value for this attribute is becomes java:comp/env/jdbc/mySQL.