You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by André Brunnsberg <an...@planmill.com> on 2011/06/28 08:55:46 UTC

Best practise when using the datasource database realm

I have been testing the datasource database realm in combination with the
new Tomcat database pool and it seems to work fine.
However I would like to know if you guys use the same database pool for your
application or a separate pool for the application and a separate pool for
the realm.

Currently in production I use the jdbcrealm with a different username and
password that only has read access to the users and roles table. Therefore
if I would like to continue with the current database setting I would need a
different pool for the datasource realm.

Cheers,

André

Re: Best practise when using the datasource database realm

Posted by Christopher Schultz <ch...@christopherschultz.net>.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

André,

On 6/28/2011 2:55 AM, André Brunnsberg wrote:
> I have been testing the datasource database realm in combination with the
> new Tomcat database pool and it seems to work fine.
> However I would like to know if you guys use the same database pool for your
> application or a separate pool for the application and a separate pool for
> the realm.

I happen to use the same pool for both, though others on the list will
recommend otherwise.

> Currently in production I use the jdbcrealm

Whatever you do, you should replace JDBCRealm with something else:
JDBCRealm is a huge bottleneck.

> with a different username and
> password that only has read access to the users and roles table. Therefore
> if I would like to continue with the current database setting I would need a
> different pool for the datasource realm.

Right. If you have some requirement to limit the authentication system's
access to the database, then go ahead and set up a separate pool.
Definitely get away from JDBCRealm, though.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk4J28EACgkQ9CaO5/Lv0PDhxQCgr98tN9tKB484Fobk0HiOcvob
7twAnA+Vnhi3em1uuromFMcHEOFEvbKZ
=Gb8h
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org