You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by André Brunnsberg <an...@planmill.com> on 2011/06/28 08:55:46 UTC
Best practise when using the datasource database realm
I have been testing the datasource database realm in combination with the
new Tomcat database pool and it seems to work fine.
However I would like to know if you guys use the same database pool for your
application or a separate pool for the application and a separate pool for
the realm.
Currently in production I use the jdbcrealm with a different username and
password that only has read access to the users and roles table. Therefore
if I would like to continue with the current database setting I would need a
different pool for the datasource realm.
Cheers,
André
Re: Best practise when using the datasource database realm
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
André,
On 6/28/2011 2:55 AM, André Brunnsberg wrote:
> I have been testing the datasource database realm in combination with the
> new Tomcat database pool and it seems to work fine.
> However I would like to know if you guys use the same database pool for your
> application or a separate pool for the application and a separate pool for
> the realm.
I happen to use the same pool for both, though others on the list will
recommend otherwise.
> Currently in production I use the jdbcrealm
Whatever you do, you should replace JDBCRealm with something else:
JDBCRealm is a huge bottleneck.
> with a different username and
> password that only has read access to the users and roles table. Therefore
> if I would like to continue with the current database setting I would need a
> different pool for the datasource realm.
Right. If you have some requirement to limit the authentication system's
access to the database, then go ahead and set up a separate pool.
Definitely get away from JDBCRealm, though.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk4J28EACgkQ9CaO5/Lv0PDhxQCgr98tN9tKB484Fobk0HiOcvob
7twAnA+Vnhi3em1uuromFMcHEOFEvbKZ
=Gb8h
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org