You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jdo-dev@db.apache.org by Erik Bengtson <er...@jpox.org> on 2007/10/26 15:49:16 UTC
multiple databases one PM/TX
In JPOX we are implementing the access to multiple datastores within a single
PM/TX. If not too late, Im wonder if you like to hear a proposal to
standardize the configuration of the jdoconfig and jdo metadata to be able to
handle this scenario. It may sound overkill, but IMO is a major advance over
JPA.
To introduce the subject, the goal is to handle persistence in multiple
databases (e.g. derby, oracle, DB4O, Versant, XML) within a single JDO
transaction/ single PM. From the user point of view, there are two items that
must be configured, jdo metadata, jdo configuration, in which would be part of
this proposal, so I show below an example of the configurations:
/jdoconfig/ sequence unbounded PMF
/jdoconfig/ sequence unbounded Resource
/PMF/
/PMF/@Class
/PMF/@TransactionTimeout
/PMF/@...
/Resource/
/Resource/@Name
/Resource/Connection Settings/
/Resource/Connection Settings/@ConnectionFactoryName
/Resource/Connection Settings/@ConnectionClientID
/Resource/Connection Settings/@ReadOnly
/Resource/Connection Settings/@...
/Resource/Transaction/
/Resource/Transaction/@TwoPhaseCommit
/Resource/Transaction/@Timeout
ConnectionClientID
----------------------------
ConnectionClientID is the identifier for the connection. Some databases such as
Oracle use this to identify the end user (not the connection user).
ConnectionClientID would accept the values:
1 - CredentialMapping - the CredentialMapping takes the principal of the running
application and sets it as client id - eg. ConnectionClientID=CredentialMapping
2 - Identity the client id is taken from the id right after the Identity word
- eg. ConnectionClientID=Identity:MyUser
ReadOnly
----------------------------
ReadOnly (accepts true, false) will block write operations to this connection
TwoPhaseCommit
--------------------------
Two options:
1 LastLoggingResource - If the resource is non XA, push down this resource in
commit order.
2 Emulated Emulates non XA protocol. Heuristics errors could happen
Example:
<jdoconfig>
<pmf name=snowdog default-resource=Oracle>
</pmf>
<resource name=ERP>
<connection connectionfactoryname=BSCS_Hot/>
</resource>
<resource name=PeopleSoft>
<connection connectionfactoryname=PS_Onyx/>
</resource>
<resource name=Oracle>
<connection connectionfactoryname=ORA_Vinci
connection-client-id=CredentialMapping/>
<transaction two-phase-commit=LLR timeout=30/>
</resource>
<resource name=Xml>
<connection readonly=true/>
<extension>
<jpox:xml file=file:/usr/home/myxml.xml/>
</extension>
</resource>
</jdoconfig>
<jdo>
<package>
<class name=Invoice resource=ERP/>
<class name=ClassData/> <!-- uses default-resource -->
<class name=Person resource=PeopleSoft/>
<class name=ReferenceData resource=Xml/>
</package>
</jdo>
Quoting Michelle Caisse <Mi...@sun.com>:
> Hi,
>
> We will have our regular meeting Friday, October 26 at 9 am PDT to
> discuss JDO TCK issues and status.
>
> Dial-in numbers are:
> 866 230-6968 294-0479#
> International: +1 865 544-7856
>
> Agenda:
>
> 1. Subquery spec update
> 2. Other issues
>
> Action Items from weeks past:
>
> [Oct 12 2007] AI Michael take a look at subquery tck tests.
> https://issues.apache.org/jira/browse/JDO-446
>
> [Sep 14 2007] AI Matthew provide examples for 8.6.1.1 jdoconfig.xml.
>
> [June 22 2007] AI Craig discuss svn:eol-style on email.
>
> [June 22 2007] AI Craig write a proposal on annotation overrides for
> the expert group.
>
> [May 25 2007] AI everyone Download the Grails demo from grails.org and
> check it out. Also look at Grails/Groovy ExpandoMetaClass that has the
> magic to avoid reflection and enhancement.
>
> [May 25 2007] AI Matthew Adams prepare a proposal with just the basics
> of schema synchronization with jdo and orm metadata.
>
> [May 18 2007] AI Craig update http://wiki.apache.org/jdo/
> CurrentDevelopment wiki page
>
> [Apr 27 2007] AI Craig review Query API and send email to experts.
>
> [Apr 27 2007] AI Erik file a JIRA regarding JPA style transactions and
> attach his discussion document to it.
>
> [Mar 9 2007] AI Craig: Update the spec to require that the key of the
> listener is the class name of the listener, for consistency with
> proposed xml..
>
> [Mar 2 2007] AI Craig: update the JDOHelper class to include a string
> constant "META-INF/jdo.xml" and a new method
> getPersistenceManagerFactory taking no arguments.
>
> [Aug 11 2006] AI Craig propose some semantics for behavior if user
> tries to add to a list where the ordering element is incorrect.
>
> [Jul 14 2006] AI: Erik document 220 annotations that don't have a
> corresponding JDO concept.
>
> [Jun 23 2006] AI Martin look at what Hibernate and TopLink support
> for Enum types. In progress.
>
> [Apr 14 2006] AI Craig: update the roadmap for JDO. In progress.
>
> [Nov 4 2005] AI Martin: Update Martin's wiki with discusion of JDK 1.5
> issues. In progress
>
> [Sep 2 2005] AI: To recruit members, update the web site. Articles on
> TheServerSide directing attention to the site. T-shirts, logo. AI:
> Craig write a ServerSide article.
>
> -- Michelle
>
> >
>
Re: multiple databases one PM/TX
Posted by Joerg von Frantzius <jo...@artnology.com>.
Hi Erik,
OK now I got it, you want to support fields within the same PC class to
be persisted to different datasources, right?
Erik Bengtson schrieb:
> Jorg,
>
> An example:
>
> Class product
>
> Field name ; //oracle
> Field price ; //erp
> Field instock ; //erp
>
> With multiple databases feature, you can load an object distributed in multiples databases. As Eric said we will not reinvent JTA.
>
> Each implementation can use JTA to support transactions with multiple datasources, but can use any other mechanism (not defined). JPOX is pluggable and enabled to accept any jta implementation.
>
> If you don't provide an external jta implementation, JPOX will use its internal implementation.
> -- BlackBerry® from Mobistar ---
>
> -----Original Message-----
> From: Joerg von Frantzius <jo...@artnology.com>
>
> Date: Mon, 05 Nov 2007 10:28:55
> To:jdo-dev@db.apache.org
> Cc:jdo-experts-ext@sun.com
> Subject: Re: multiple databases one PM/TX
>
>
> Hi Erik,
>
> there is one thing that I don't understand about this proposed feature
> (which may be just me not seeing the obvious point of course :)
>
> Running 2PC on multiple data sources is handled already by J2EE
> implementations, and, as far as I recall, there are also libraries
> available that provide a JTA without a full blown J2EE server. Why would
> you want to duplicate this already existing and available functionality
> in JDO?
>
> Regards,
> Jörg
>
> Erik Bengtson schrieb:
>
>> In JPOX we are implementing the access to multiple datastores within a single
>> PM/TX. If not too late, I’m wonder if you like to hear a proposal to
>> standardize the configuration of the “jdoconfig” and jdo metadata to be able to
>> handle this scenario. It may sound overkill, but IMO is a major advance over
>> JPA.
>>
>> To introduce the subject, the goal is to handle persistence in multiple
>> databases (e.g. derby, oracle, DB4O, Versant, XML) within a single JDO
>> transaction/ single PM. From the user point of view, there are two items that
>> must be configured, jdo metadata, jdo configuration, in which would be part of
>> this proposal, so I show below an example of the configurations:
>>
>> /jdoconfig/ sequence unbounded PMF
>> /jdoconfig/ sequence unbounded Resource
>>
>> /PMF/
>> /PMF/@Class
>> /PMF/@TransactionTimeout
>> /PMF/@...
>> /Resource/
>> /Resource/@Name
>> /Resource/Connection Settings/
>> /Resource/Connection Settings/@ConnectionFactoryName
>> /Resource/Connection Settings/@ConnectionClientID
>> /Resource/Connection Settings/@ReadOnly
>> /Resource/Connection Settings/@...
>> /Resource/Transaction/
>> /Resource/Transaction/@TwoPhaseCommit
>> /Resource/Transaction/@Timeout
>>
>> ConnectionClientID
>> ----------------------------
>> ConnectionClientID is the identifier for the connection. Some databases such as
>> Oracle use this to identify the end user (not the connection user).
>> ConnectionClientID would accept the values:
>>
>> 1 - CredentialMapping - the CredentialMapping takes the principal of the running
>> application and sets it as client id - eg. ConnectionClientID=CredentialMapping
>> 2 - Identity – the client id is taken from the id right after the Identity word
>> - eg. ConnectionClientID=Identity:MyUser
>>
>> ReadOnly
>> ----------------------------
>> ReadOnly (accepts true, false) will block write operations to this connection
>>
>> TwoPhaseCommit
>> --------------------------
>> Two options:
>>
>> 1 – LastLoggingResource - If the resource is non XA, push down this resource in
>> commit order.
>> 2 – Emulated – Emulates non XA protocol. Heuristics errors could happen
>>
>> Example:
>>
>> <jdoconfig>
>>
>> <pmf name=”snowdog” default-resource=”Oracle”>
>> </pmf>
>>
>> <resource name=”ERP”>
>> <connection connectionfactoryname=”BSCS_Hot”/>
>> </resource>
>>
>> <resource name=”PeopleSoft”>
>> <connection connectionfactoryname=”PS_Onyx”/>
>> </resource>
>>
>> <resource name=”Oracle”>
>> <connection connectionfactoryname=”ORA_Vinci”
>> connection-client-id=”CredentialMapping”/>
>> <transaction two-phase-commit=”LLR” timeout=”30”/>
>> </resource>
>>
>> <resource name=”Xml”>
>> <connection readonly=”true”/>
>> <extension>
>> <jpox:xml file=”file:/usr/home/myxml.xml”/>
>> </extension>
>> </resource>
>>
>>
>> </jdoconfig>
>>
>> <jdo>
>> <package>
>> <class name=”Invoice” resource=”ERP”/>
>> <class name=”ClassData”/> <!-- uses default-resource -->
>> <class name=”Person” resource=”PeopleSoft”/>
>> <class name=”ReferenceData” resource=”Xml”/>
>> </package>
>> </jdo>
>>
>>
>>
>>
>> Quoting Michelle Caisse <Mi...@sun.com>:
>>
>>
>>
>>> Hi,
>>>
>>> We will have our regular meeting Friday, October 26 at 9 am PDT to
>>> discuss JDO TCK issues and status.
>>>
>>> Dial-in numbers are:
>>> 866 230-6968 294-0479#
>>> International: +1 865 544-7856
>>>
>>> Agenda:
>>>
>>> 1. Subquery spec update
>>> 2. Other issues
>>>
>>> Action Items from weeks past:
>>>
>>> [Oct 12 2007] AI Michael take a look at subquery tck tests.
>>> https://issues.apache.org/jira/browse/JDO-446
>>>
>>> [Sep 14 2007] AI Matthew provide examples for 8.6.1.1 jdoconfig.xml.
>>>
>>> [June 22 2007] AI Craig discuss svn:eol-style on email.
>>>
>>> [June 22 2007] AI Craig write a proposal on annotation overrides for
>>> the expert group.
>>>
>>> [May 25 2007] AI everyone Download the Grails demo from grails.org and
>>> check it out. Also look at Grails/Groovy ExpandoMetaClass that has the
>>> magic to avoid reflection and enhancement.
>>>
>>> [May 25 2007] AI Matthew Adams prepare a proposal with just the basics
>>> of schema synchronization with jdo and orm metadata.
>>>
>>> [May 18 2007] AI Craig update http://wiki.apache.org/jdo/
>>> CurrentDevelopment wiki page
>>>
>>> [Apr 27 2007] AI Craig review Query API and send email to experts.
>>>
>>> [Apr 27 2007] AI Erik file a JIRA regarding JPA style transactions and
>>> attach his discussion document to it.
>>>
>>> [Mar 9 2007] AI Craig: Update the spec to require that the key of the
>>> listener is the class name of the listener, for consistency with
>>> proposed xml..
>>>
>>> [Mar 2 2007] AI Craig: update the JDOHelper class to include a string
>>> constant "META-INF/jdo.xml" and a new method
>>> getPersistenceManagerFactory taking no arguments.
>>>
>>> [Aug 11 2006] AI Craig propose some semantics for behavior if user
>>> tries to add to a list where the ordering element is incorrect.
>>>
>>> [Jul 14 2006] AI: Erik document 220 annotations that don't have a
>>> corresponding JDO concept.
>>>
>>> [Jun 23 2006] AI Martin look at what Hibernate and TopLink support
>>> for Enum types. In progress.
>>>
>>> [Apr 14 2006] AI Craig: update the roadmap for JDO. In progress.
>>>
>>> [Nov 4 2005] AI Martin: Update Martin's wiki with discusion of JDK 1.5
>>> issues. In progress
>>>
>>> [Sep 2 2005] AI: To recruit members, update the web site. Articles on
>>> TheServerSide directing attention to the site. T-shirts, logo. AI:
>>> Craig write a ServerSide article.
>>>
>>> -- Michelle
>>>
>>>
>>>
>>
>>
>>
>>
>>
>
>
>
Re: multiple databases one PM/TX
Posted by Erik Bengtson <er...@jpox.org>.
Jorg,
An example:
Class product
Field name ; //oracle
Field price ; //erp
Field instock ; //erp
With multiple databases feature, you can load an object distributed in multiples databases. As Eric said we will not reinvent JTA.
Each implementation can use JTA to support transactions with multiple datasources, but can use any other mechanism (not defined). JPOX is pluggable and enabled to accept any jta implementation.
If you don't provide an external jta implementation, JPOX will use its internal implementation.
-- BlackBerry® from Mobistar ---
-----Original Message-----
From: Joerg von Frantzius <jo...@artnology.com>
Date: Mon, 05 Nov 2007 10:28:55
To:jdo-dev@db.apache.org
Cc:jdo-experts-ext@sun.com
Subject: Re: multiple databases one PM/TX
Hi Erik,
there is one thing that I don't understand about this proposed feature
(which may be just me not seeing the obvious point of course :)
Running 2PC on multiple data sources is handled already by J2EE
implementations, and, as far as I recall, there are also libraries
available that provide a JTA without a full blown J2EE server. Why would
you want to duplicate this already existing and available functionality
in JDO?
Regards,
Jörg
Erik Bengtson schrieb:
> In JPOX we are implementing the access to multiple datastores within a single
> PM/TX. If not too late, I’m wonder if you like to hear a proposal to
> standardize the configuration of the “jdoconfig” and jdo metadata to be able to
> handle this scenario. It may sound overkill, but IMO is a major advance over
> JPA.
>
> To introduce the subject, the goal is to handle persistence in multiple
> databases (e.g. derby, oracle, DB4O, Versant, XML) within a single JDO
> transaction/ single PM. From the user point of view, there are two items that
> must be configured, jdo metadata, jdo configuration, in which would be part of
> this proposal, so I show below an example of the configurations:
>
> /jdoconfig/ sequence unbounded PMF
> /jdoconfig/ sequence unbounded Resource
>
> /PMF/
> /PMF/@Class
> /PMF/@TransactionTimeout
> /PMF/@...
> /Resource/
> /Resource/@Name
> /Resource/Connection Settings/
> /Resource/Connection Settings/@ConnectionFactoryName
> /Resource/Connection Settings/@ConnectionClientID
> /Resource/Connection Settings/@ReadOnly
> /Resource/Connection Settings/@...
> /Resource/Transaction/
> /Resource/Transaction/@TwoPhaseCommit
> /Resource/Transaction/@Timeout
>
> ConnectionClientID
> ----------------------------
> ConnectionClientID is the identifier for the connection. Some databases such as
> Oracle use this to identify the end user (not the connection user).
> ConnectionClientID would accept the values:
>
> 1 - CredentialMapping - the CredentialMapping takes the principal of the running
> application and sets it as client id - eg. ConnectionClientID=CredentialMapping
> 2 - Identity – the client id is taken from the id right after the Identity word
> - eg. ConnectionClientID=Identity:MyUser
>
> ReadOnly
> ----------------------------
> ReadOnly (accepts true, false) will block write operations to this connection
>
> TwoPhaseCommit
> --------------------------
> Two options:
>
> 1 – LastLoggingResource - If the resource is non XA, push down this resource in
> commit order.
> 2 – Emulated – Emulates non XA protocol. Heuristics errors could happen
>
> Example:
>
> <jdoconfig>
>
> <pmf name=”snowdog” default-resource=”Oracle”>
> </pmf>
>
> <resource name=”ERP”>
> <connection connectionfactoryname=”BSCS_Hot”/>
> </resource>
>
> <resource name=”PeopleSoft”>
> <connection connectionfactoryname=”PS_Onyx”/>
> </resource>
>
> <resource name=”Oracle”>
> <connection connectionfactoryname=”ORA_Vinci”
> connection-client-id=”CredentialMapping”/>
> <transaction two-phase-commit=”LLR” timeout=”30”/>
> </resource>
>
> <resource name=”Xml”>
> <connection readonly=”true”/>
> <extension>
> <jpox:xml file=”file:/usr/home/myxml.xml”/>
> </extension>
> </resource>
>
>
> </jdoconfig>
>
> <jdo>
> <package>
> <class name=”Invoice” resource=”ERP”/>
> <class name=”ClassData”/> <!-- uses default-resource -->
> <class name=”Person” resource=”PeopleSoft”/>
> <class name=”ReferenceData” resource=”Xml”/>
> </package>
> </jdo>
>
>
>
>
> Quoting Michelle Caisse <Mi...@sun.com>:
>
>
>> Hi,
>>
>> We will have our regular meeting Friday, October 26 at 9 am PDT to
>> discuss JDO TCK issues and status.
>>
>> Dial-in numbers are:
>> 866 230-6968 294-0479#
>> International: +1 865 544-7856
>>
>> Agenda:
>>
>> 1. Subquery spec update
>> 2. Other issues
>>
>> Action Items from weeks past:
>>
>> [Oct 12 2007] AI Michael take a look at subquery tck tests.
>> https://issues.apache.org/jira/browse/JDO-446
>>
>> [Sep 14 2007] AI Matthew provide examples for 8.6.1.1 jdoconfig.xml.
>>
>> [June 22 2007] AI Craig discuss svn:eol-style on email.
>>
>> [June 22 2007] AI Craig write a proposal on annotation overrides for
>> the expert group.
>>
>> [May 25 2007] AI everyone Download the Grails demo from grails.org and
>> check it out. Also look at Grails/Groovy ExpandoMetaClass that has the
>> magic to avoid reflection and enhancement.
>>
>> [May 25 2007] AI Matthew Adams prepare a proposal with just the basics
>> of schema synchronization with jdo and orm metadata.
>>
>> [May 18 2007] AI Craig update http://wiki.apache.org/jdo/
>> CurrentDevelopment wiki page
>>
>> [Apr 27 2007] AI Craig review Query API and send email to experts.
>>
>> [Apr 27 2007] AI Erik file a JIRA regarding JPA style transactions and
>> attach his discussion document to it.
>>
>> [Mar 9 2007] AI Craig: Update the spec to require that the key of the
>> listener is the class name of the listener, for consistency with
>> proposed xml..
>>
>> [Mar 2 2007] AI Craig: update the JDOHelper class to include a string
>> constant "META-INF/jdo.xml" and a new method
>> getPersistenceManagerFactory taking no arguments.
>>
>> [Aug 11 2006] AI Craig propose some semantics for behavior if user
>> tries to add to a list where the ordering element is incorrect.
>>
>> [Jul 14 2006] AI: Erik document 220 annotations that don't have a
>> corresponding JDO concept.
>>
>> [Jun 23 2006] AI Martin look at what Hibernate and TopLink support
>> for Enum types. In progress.
>>
>> [Apr 14 2006] AI Craig: update the roadmap for JDO. In progress.
>>
>> [Nov 4 2005] AI Martin: Update Martin's wiki with discusion of JDK 1.5
>> issues. In progress
>>
>> [Sep 2 2005] AI: To recruit members, update the web site. Articles on
>> TheServerSide directing attention to the site. T-shirts, logo. AI:
>> Craig write a ServerSide article.
>>
>> -- Michelle
>>
>>
>
>
>
>
>
>
RE: multiple databases one PM/TX
Posted by Eric Samson <er...@xcalia.com>.
Hello Joerg,
I don't think Erik wants to reinvent JTA.
Probably a multi DBS PMF implementation will rely on a JTA TM.
But you also have to cover non transactional data sources.
I think the proposed options are here to cover this.
Best Regards,
....: Eric Samson, Founder & CTO, Xcalia
Service your Data!
-----Message d'origine-----
De : Joerg von Frantzius [mailto:joerg.von.frantzius@artnology.com]
Envoyé : lundi 5 novembre 2007 10:29
À : jdo-dev@db.apache.org
Cc : jdo-experts-ext@sun.com
Objet : Re: multiple databases one PM/TX
Hi Erik,
there is one thing that I don't understand about this proposed feature (which may be just me not seeing the obvious point of course :)
Running 2PC on multiple data sources is handled already by J2EE implementations, and, as far as I recall, there are also libraries available that provide a JTA without a full blown J2EE server. Why would you want to duplicate this already existing and available functionality in JDO?
Regards,
Jörg
Erik Bengtson schrieb:
> In JPOX we are implementing the access to multiple datastores within a
> single PM/TX. If not too late, I’m wonder if you like to hear a
> proposal to standardize the configuration of the “jdoconfig” and jdo
> metadata to be able to handle this scenario. It may sound overkill,
> but IMO is a major advance over JPA.
>
> To introduce the subject, the goal is to handle persistence in
> multiple databases (e.g. derby, oracle, DB4O, Versant, XML) within a
> single JDO transaction/ single PM. From the user point of view, there
> are two items that must be configured, jdo metadata, jdo
> configuration, in which would be part of this proposal, so I show below an example of the configurations:
>
> /jdoconfig/ sequence unbounded PMF
> /jdoconfig/ sequence unbounded Resource
>
> /PMF/
> /PMF/@Class
> /PMF/@TransactionTimeout
> /PMF/@...
> /Resource/
> /Resource/@Name
> /Resource/Connection Settings/
> /Resource/Connection Settings/@ConnectionFactoryName
> /Resource/Connection Settings/@ConnectionClientID /Resource/Connection
> Settings/@ReadOnly /Resource/Connection Settings/@...
> /Resource/Transaction/
> /Resource/Transaction/@TwoPhaseCommit
> /Resource/Transaction/@Timeout
>
> ConnectionClientID
> ----------------------------
> ConnectionClientID is the identifier for the connection. Some
> databases such as Oracle use this to identify the end user (not the connection user).
> ConnectionClientID would accept the values:
>
> 1 - CredentialMapping - the CredentialMapping takes the principal of
> the running application and sets it as client id - eg.
> ConnectionClientID=CredentialMapping
> 2 - Identity – the client id is taken from the id right after the
> Identity word
> - eg. ConnectionClientID=Identity:MyUser
>
> ReadOnly
> ----------------------------
> ReadOnly (accepts true, false) will block write operations to this
> connection
>
> TwoPhaseCommit
> --------------------------
> Two options:
>
> 1 – LastLoggingResource - If the resource is non XA, push down this
> resource in commit order.
> 2 – Emulated – Emulates non XA protocol. Heuristics errors could
> happen
>
> Example:
>
> <jdoconfig>
>
> <pmf name=”snowdog” default-resource=”Oracle”> </pmf>
>
> <resource name=”ERP”>
> <connection connectionfactoryname=”BSCS_Hot”/>
> </resource>
>
> <resource name=”PeopleSoft”>
> <connection connectionfactoryname=”PS_Onyx”/> </resource>
>
> <resource name=”Oracle”>
> <connection connectionfactoryname=”ORA_Vinci”
> connection-client-id=”CredentialMapping”/>
> <transaction two-phase-commit=”LLR” timeout=”30”/> </resource>
>
> <resource name=”Xml”>
> <connection readonly=”true”/>
> <extension>
> <jpox:xml file=”file:/usr/home/myxml.xml”/> </extension> </resource>
>
>
> </jdoconfig>
>
> <jdo>
> <package>
> <class name=”Invoice” resource=”ERP”/> <class name=”ClassData”/> <!--
> uses default-resource --> <class name=”Person” resource=”PeopleSoft”/>
> <class name=”ReferenceData” resource=”Xml”/> </package> </jdo>
>
>
>
>
> Quoting Michelle Caisse <Mi...@sun.com>:
>
>
>> Hi,
>>
>> We will have our regular meeting Friday, October 26 at 9 am PDT to
>> discuss JDO TCK issues and status.
>>
>> Dial-in numbers are:
>> 866 230-6968 294-0479#
>> International: +1 865 544-7856
>>
>> Agenda:
>>
>> 1. Subquery spec update
>> 2. Other issues
>>
>> Action Items from weeks past:
>>
>> [Oct 12 2007] AI Michael take a look at subquery tck tests.
>> https://issues.apache.org/jira/browse/JDO-446
>>
>> [Sep 14 2007] AI Matthew provide examples for 8.6.1.1 jdoconfig.xml.
>>
>> [June 22 2007] AI Craig discuss svn:eol-style on email.
>>
>> [June 22 2007] AI Craig write a proposal on annotation overrides for
>> the expert group.
>>
>> [May 25 2007] AI everyone Download the Grails demo from grails.org
>> and check it out. Also look at Grails/Groovy ExpandoMetaClass that
>> has the magic to avoid reflection and enhancement.
>>
>> [May 25 2007] AI Matthew Adams prepare a proposal with just the
>> basics of schema synchronization with jdo and orm metadata.
>>
>> [May 18 2007] AI Craig update http://wiki.apache.org/jdo/
>> CurrentDevelopment wiki page
>>
>> [Apr 27 2007] AI Craig review Query API and send email to experts.
>>
>> [Apr 27 2007] AI Erik file a JIRA regarding JPA style transactions
>> and attach his discussion document to it.
>>
>> [Mar 9 2007] AI Craig: Update the spec to require that the key of the
>> listener is the class name of the listener, for consistency with
>> proposed xml..
>>
>> [Mar 2 2007] AI Craig: update the JDOHelper class to include a string
>> constant "META-INF/jdo.xml" and a new method
>> getPersistenceManagerFactory taking no arguments.
>>
>> [Aug 11 2006] AI Craig propose some semantics for behavior if user
>> tries to add to a list where the ordering element is incorrect.
>>
>> [Jul 14 2006] AI: Erik document 220 annotations that don't have a
>> corresponding JDO concept.
>>
>> [Jun 23 2006] AI Martin look at what Hibernate and TopLink support
>> for Enum types. In progress.
>>
>> [Apr 14 2006] AI Craig: update the roadmap for JDO. In progress.
>>
>> [Nov 4 2005] AI Martin: Update Martin's wiki with discusion of JDK 1.5
>> issues. In progress
>>
>> [Sep 2 2005] AI: To recruit members, update the web site. Articles on
>> TheServerSide directing attention to the site. T-shirts, logo. AI:
>> Craig write a ServerSide article.
>>
>> -- Michelle
>>
>>
>
>
>
>
>
>
Re: multiple databases one PM/TX
Posted by Joerg von Frantzius <jo...@artnology.com>.
Hi Erik,
there is one thing that I don't understand about this proposed feature
(which may be just me not seeing the obvious point of course :)
Running 2PC on multiple data sources is handled already by J2EE
implementations, and, as far as I recall, there are also libraries
available that provide a JTA without a full blown J2EE server. Why would
you want to duplicate this already existing and available functionality
in JDO?
Regards,
Jörg
Erik Bengtson schrieb:
> In JPOX we are implementing the access to multiple datastores within a single
> PM/TX. If not too late, I’m wonder if you like to hear a proposal to
> standardize the configuration of the “jdoconfig” and jdo metadata to be able to
> handle this scenario. It may sound overkill, but IMO is a major advance over
> JPA.
>
> To introduce the subject, the goal is to handle persistence in multiple
> databases (e.g. derby, oracle, DB4O, Versant, XML) within a single JDO
> transaction/ single PM. From the user point of view, there are two items that
> must be configured, jdo metadata, jdo configuration, in which would be part of
> this proposal, so I show below an example of the configurations:
>
> /jdoconfig/ sequence unbounded PMF
> /jdoconfig/ sequence unbounded Resource
>
> /PMF/
> /PMF/@Class
> /PMF/@TransactionTimeout
> /PMF/@...
> /Resource/
> /Resource/@Name
> /Resource/Connection Settings/
> /Resource/Connection Settings/@ConnectionFactoryName
> /Resource/Connection Settings/@ConnectionClientID
> /Resource/Connection Settings/@ReadOnly
> /Resource/Connection Settings/@...
> /Resource/Transaction/
> /Resource/Transaction/@TwoPhaseCommit
> /Resource/Transaction/@Timeout
>
> ConnectionClientID
> ----------------------------
> ConnectionClientID is the identifier for the connection. Some databases such as
> Oracle use this to identify the end user (not the connection user).
> ConnectionClientID would accept the values:
>
> 1 - CredentialMapping - the CredentialMapping takes the principal of the running
> application and sets it as client id - eg. ConnectionClientID=CredentialMapping
> 2 - Identity – the client id is taken from the id right after the Identity word
> - eg. ConnectionClientID=Identity:MyUser
>
> ReadOnly
> ----------------------------
> ReadOnly (accepts true, false) will block write operations to this connection
>
> TwoPhaseCommit
> --------------------------
> Two options:
>
> 1 – LastLoggingResource - If the resource is non XA, push down this resource in
> commit order.
> 2 – Emulated – Emulates non XA protocol. Heuristics errors could happen
>
> Example:
>
> <jdoconfig>
>
> <pmf name=”snowdog” default-resource=”Oracle”>
> </pmf>
>
> <resource name=”ERP”>
> <connection connectionfactoryname=”BSCS_Hot”/>
> </resource>
>
> <resource name=”PeopleSoft”>
> <connection connectionfactoryname=”PS_Onyx”/>
> </resource>
>
> <resource name=”Oracle”>
> <connection connectionfactoryname=”ORA_Vinci”
> connection-client-id=”CredentialMapping”/>
> <transaction two-phase-commit=”LLR” timeout=”30”/>
> </resource>
>
> <resource name=”Xml”>
> <connection readonly=”true”/>
> <extension>
> <jpox:xml file=”file:/usr/home/myxml.xml”/>
> </extension>
> </resource>
>
>
> </jdoconfig>
>
> <jdo>
> <package>
> <class name=”Invoice” resource=”ERP”/>
> <class name=”ClassData”/> <!-- uses default-resource -->
> <class name=”Person” resource=”PeopleSoft”/>
> <class name=”ReferenceData” resource=”Xml”/>
> </package>
> </jdo>
>
>
>
>
> Quoting Michelle Caisse <Mi...@sun.com>:
>
>
>> Hi,
>>
>> We will have our regular meeting Friday, October 26 at 9 am PDT to
>> discuss JDO TCK issues and status.
>>
>> Dial-in numbers are:
>> 866 230-6968 294-0479#
>> International: +1 865 544-7856
>>
>> Agenda:
>>
>> 1. Subquery spec update
>> 2. Other issues
>>
>> Action Items from weeks past:
>>
>> [Oct 12 2007] AI Michael take a look at subquery tck tests.
>> https://issues.apache.org/jira/browse/JDO-446
>>
>> [Sep 14 2007] AI Matthew provide examples for 8.6.1.1 jdoconfig.xml.
>>
>> [June 22 2007] AI Craig discuss svn:eol-style on email.
>>
>> [June 22 2007] AI Craig write a proposal on annotation overrides for
>> the expert group.
>>
>> [May 25 2007] AI everyone Download the Grails demo from grails.org and
>> check it out. Also look at Grails/Groovy ExpandoMetaClass that has the
>> magic to avoid reflection and enhancement.
>>
>> [May 25 2007] AI Matthew Adams prepare a proposal with just the basics
>> of schema synchronization with jdo and orm metadata.
>>
>> [May 18 2007] AI Craig update http://wiki.apache.org/jdo/
>> CurrentDevelopment wiki page
>>
>> [Apr 27 2007] AI Craig review Query API and send email to experts.
>>
>> [Apr 27 2007] AI Erik file a JIRA regarding JPA style transactions and
>> attach his discussion document to it.
>>
>> [Mar 9 2007] AI Craig: Update the spec to require that the key of the
>> listener is the class name of the listener, for consistency with
>> proposed xml..
>>
>> [Mar 2 2007] AI Craig: update the JDOHelper class to include a string
>> constant "META-INF/jdo.xml" and a new method
>> getPersistenceManagerFactory taking no arguments.
>>
>> [Aug 11 2006] AI Craig propose some semantics for behavior if user
>> tries to add to a list where the ordering element is incorrect.
>>
>> [Jul 14 2006] AI: Erik document 220 annotations that don't have a
>> corresponding JDO concept.
>>
>> [Jun 23 2006] AI Martin look at what Hibernate and TopLink support
>> for Enum types. In progress.
>>
>> [Apr 14 2006] AI Craig: update the roadmap for JDO. In progress.
>>
>> [Nov 4 2005] AI Martin: Update Martin's wiki with discusion of JDK 1.5
>> issues. In progress
>>
>> [Sep 2 2005] AI: To recruit members, update the web site. Articles on
>> TheServerSide directing attention to the site. T-shirts, logo. AI:
>> Craig write a ServerSide article.
>>
>> -- Michelle
>>
>>
>
>
>
>
>
>
RE: multiple databases one PM/TX
Posted by Eric Samson <er...@xcalia.com>.
Matthew,
What do you think getConnection()is supposed to return?
A collection of underlying native connections()?
Or is it getConnection(<name>) (whatever <name> could be)?
Do we need to notion of a default data source or not?
In that case getConnection() with no parameter would return that default data source?
In the case the data source is a Web service, what do you expect as a return value for getConnection()?
Best Regards,
....: Eric Samson, Founder & CTO, xcalia
Service your Data!
De : Matthew Adams [mailto:matthew@matthewadams.org]
Envoyé : lundi 29 octobre 2007 20:25
À : Eric Samson
Cc : Erik Bengtson; jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : Re: multiple databases one PM/TX
Hi all,
I like that JDO allows implementations to support this, and I do feel that this could be a differentiator from JPA. The things that come to my mind are the following:
* this should be an optional feature so that we don't slow down implementations from being compliant
* we should examine the proposed JDO 2.1 metadata formats to ensure that it can support but not require multiple data sources
* we need to examine the impact of configuring multiple data sources on the API (i.e., new method JDOHelper.getPersistenceManagerFactory(String... names), PersistenceManager#getDataStoreConnection() & JDOConnection#getNativeConnection?)
* configuration of JTA and the coordination of transactions across all data sources
* this would slow down work on 2.1 -- can we add in another maintenance release?
-matthew
On Oct 29, 2007, at 10:05 AM, Eric Samson wrote:
Hello Erik,
Once again you start an important topic here! :-)
We also are working on a multi-data sources PMF.
I think the name "resource" could be confusing (I tend to prefer "data source").
Maybe the data source properties should be defined elsewhere (as you can have quite complex configurations when you want to access non-relational data stores)?
Best Regards,
....: Eric Samson, Founder & CTO, Xcalia
Service your Data!
-----Message d'origine-----
De : Erik Bengtson [mailto:erik@jpox.org]
Envoyé : vendredi 26 octobre 2007 15:49
À : jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : multiple databases one PM/TX
In JPOX we are implementing the access to multiple datastores within a single
PM/TX. If not too late, I'm wonder if you like to hear a proposal to
standardize the configuration of the "jdoconfig" and jdo metadata to be able to
handle this scenario. It may sound overkill, but IMO is a major advance over
JPA.
To introduce the subject, the goal is to handle persistence in multiple
databases (e.g. derby, oracle, DB4O, Versant, XML) within a single JDO
transaction/ single PM. From the user point of view, there are two items that
must be configured, jdo metadata, jdo configuration, in which would be part of
this proposal, so I show below an example of the configurations:
/jdoconfig/ sequence unbounded PMF
/jdoconfig/ sequence unbounded Resource
/PMF/
/PMF/@Class
/PMF/@TransactionTimeout
/PMF/@...
/Resource/
/Resource/@Name
/Resource/Connection Settings/
/Resource/Connection Settings/@ConnectionFactoryName
/Resource/Connection Settings/@ConnectionClientID
/Resource/Connection Settings/@ReadOnly
/Resource/Connection Settings/@...
/Resource/Transaction/
/Resource/Transaction/@TwoPhaseCommit
/Resource/Transaction/@Timeout
ConnectionClientID
----------------------------
ConnectionClientID is the identifier for the connection. Some databases such as
Oracle use this to identify the end user (not the connection user).
ConnectionClientID would accept the values:
1 - CredentialMapping - the CredentialMapping takes the principal of the running
application and sets it as client id - eg. ConnectionClientID=CredentialMapping
2 - Identity - the client id is taken from the id right after the Identity word
- eg. ConnectionClientID=Identity:MyUser
ReadOnly
----------------------------
ReadOnly (accepts true, false) will block write operations to this connection
TwoPhaseCommit
--------------------------
Two options:
1 - LastLoggingResource - If the resource is non XA, push down this resource in
commit order.
2 - Emulated - Emulates non XA protocol. Heuristics errors could happen
Example:
<jdoconfig>
<pmf name="snowdog" default-resource="Oracle">
</pmf>
<resource name="ERP">
<connection connectionfactoryname="BSCS_Hot"/>
</resource>
<resource name="PeopleSoft">
<connection connectionfactoryname="PS_Onyx"/>
</resource>
<resource name="Oracle">
<connection connectionfactoryname="ORA_Vinci"
connection-client-id="CredentialMapping"/>
<transaction two-phase-commit="LLR" timeout="30"/>
</resource>
<resource name="Xml">
<connection readonly="true"/>
<extension>
<jpox:xml file="file:/usr/home/myxml.xml <file:///\\usr\home\myxml.xml> "/>
</extension>
</resource>
</jdoconfig>
<jdo>
<package>
<class name="Invoice" resource="ERP"/>
<class name="ClassData"/> <!-- uses default-resource -->
<class name="Person" resource="PeopleSoft"/>
<class name="ReferenceData" resource="Xml"/>
</package>
</jdo>
Quoting Michelle Caisse <Mi...@sun.com>:
> Hi,
>
> We will have our regular meeting Friday, October 26 at 9 am PDT to
> discuss JDO TCK issues and status.
>
> Dial-in numbers are:
> 866 230-6968 294-0479#
> International: +1 865 544-7856
>
> Agenda:
>
> 1. Subquery spec update
> 2. Other issues
>
> Action Items from weeks past:
>
> [Oct 12 2007] AI Michael take a look at subquery tck tests.
> https://issues.apache.org/jira/browse/JDO-446
>
> [Sep 14 2007] AI Matthew provide examples for 8.6.1.1 jdoconfig.xml.
>
> [June 22 2007] AI Craig discuss svn:eol-style on email.
>
> [June 22 2007] AI Craig write a proposal on annotation overrides for
> the expert group.
>
> [May 25 2007] AI everyone Download the Grails demo from grails.org and
> check it out. Also look at Grails/Groovy ExpandoMetaClass that has the
> magic to avoid reflection and enhancement.
>
> [May 25 2007] AI Matthew Adams prepare a proposal with just the basics
> of schema synchronization with jdo and orm metadata.
>
> [May 18 2007] AI Craig update http://wiki.apache.org/jdo/
> CurrentDevelopment wiki page
>
> [Apr 27 2007] AI Craig review Query API and send email to experts.
>
> [Apr 27 2007] AI Erik file a JIRA regarding JPA style transactions and
> attach his discussion document to it.
>
> [Mar 9 2007] AI Craig: Update the spec to require that the key of the
> listener is the class name of the listener, for consistency with
> proposed xml..
>
> [Mar 2 2007] AI Craig: update the JDOHelper class to include a string
> constant "META-INF/jdo.xml" and a new method
> getPersistenceManagerFactory taking no arguments.
>
> [Aug 11 2006] AI Craig propose some semantics for behavior if user
> tries to add to a list where the ordering element is incorrect.
>
> [Jul 14 2006] AI: Erik document 220 annotations that don't have a
> corresponding JDO concept.
>
> [Jun 23 2006] AI Martin look at what Hibernate and TopLink support
> for Enum types. In progress.
>
> [Apr 14 2006] AI Craig: update the roadmap for JDO. In progress.
>
> [Nov 4 2005] AI Martin: Update Martin's wiki with discusion of JDK 1.5
> issues. In progress
>
> [Sep 2 2005] AI: To recruit members, update the web site. Articles on
> TheServerSide directing attention to the site. T-shirts, logo. AI:
> Craig write a ServerSide article.
>
> -- Michelle
>
> >
>
RE: multiple databases one PM/TX
Posted by Eric Samson <er...@xcalia.com>.
Hey Matthew,
See my comments inline.
Rgds,
....: Eric Samson, Founder & CTO, xcalia
Service your Data!
De : Matthew Adams [mailto:matthew@matthewadams.org]
Envoyé : lundi 29 octobre 2007 20:25
À : Eric Samson
Cc : Erik Bengtson; jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : Re: multiple databases one PM/TX
Hi all,
I like that JDO allows implementations to support this, and I do feel that this could be a differentiator from JPA. The things that come to my mind are the following:
* this should be an optional feature so that we don't slow down implementations from being compliant
* we should examine the proposed JDO 2.1 metadata formats to ensure that it can support but not require multiple data sources
[Eric Samson] Agreed.
* we need to examine the impact of configuring multiple data sources on the API (i.e., new method JDOHelper.getPersistenceManagerFactory(String... names), PersistenceManager#getDataStoreConnection() & JDOConnection#getNativeConnection?)
[Eric Samson] IMHO, this is more for the sake of completion rather than a real need, but why not.
* configuration of JTA and the coordination of transactions across all data sources
[Eric Samson] Do you want to configure distributed transactions or do you want the implementation to decide how to (transparently ?) manage them? BTW: what kind of configuration do you have in mind? Is that JTA only? What about WS-*? Or a mix of them? Or something else?
* this would slow down work on 2.1 -- can we add in another maintenance release?
[Eric Samson] Yes, should be later in time.
-matthew
On Oct 29, 2007, at 10:05 AM, Eric Samson wrote:
Hello Erik,
Once again you start an important topic here! :-)
We also are working on a multi-data sources PMF.
I think the name "resource" could be confusing (I tend to prefer "data source").
Maybe the data source properties should be defined elsewhere (as you can have quite complex configurations when you want to access non-relational data stores)?
Best Regards,
....: Eric Samson, Founder & CTO, Xcalia
Service your Data!
-----Message d'origine-----
De : Erik Bengtson [mailto:erik@jpox.org]
Envoyé : vendredi 26 octobre 2007 15:49
À : jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : multiple databases one PM/TX
In JPOX we are implementing the access to multiple datastores within a single
PM/TX. If not too late, I'm wonder if you like to hear a proposal to
standardize the configuration of the "jdoconfig" and jdo metadata to be able to
handle this scenario. It may sound overkill, but IMO is a major advance over
JPA.
To introduce the subject, the goal is to handle persistence in multiple
databases (e.g. derby, oracle, DB4O, Versant, XML) within a single JDO
transaction/ single PM. From the user point of view, there are two items that
must be configured, jdo metadata, jdo configuration, in which would be part of
this proposal, so I show below an example of the configurations:
/jdoconfig/ sequence unbounded PMF
/jdoconfig/ sequence unbounded Resource
/PMF/
/PMF/@Class
/PMF/@TransactionTimeout
/PMF/@...
/Resource/
/Resource/@Name
/Resource/Connection Settings/
/Resource/Connection Settings/@ConnectionFactoryName
/Resource/Connection Settings/@ConnectionClientID
/Resource/Connection Settings/@ReadOnly
/Resource/Connection Settings/@...
/Resource/Transaction/
/Resource/Transaction/@TwoPhaseCommit
/Resource/Transaction/@Timeout
ConnectionClientID
----------------------------
ConnectionClientID is the identifier for the connection. Some databases such as
Oracle use this to identify the end user (not the connection user).
ConnectionClientID would accept the values:
1 - CredentialMapping - the CredentialMapping takes the principal of the running
application and sets it as client id - eg. ConnectionClientID=CredentialMapping
2 - Identity - the client id is taken from the id right after the Identity word
- eg. ConnectionClientID=Identity:MyUser
ReadOnly
----------------------------
ReadOnly (accepts true, false) will block write operations to this connection
TwoPhaseCommit
--------------------------
Two options:
1 - LastLoggingResource - If the resource is non XA, push down this resource in
commit order.
2 - Emulated - Emulates non XA protocol. Heuristics errors could happen
Example:
<jdoconfig>
<pmf name="snowdog" default-resource="Oracle">
</pmf>
<resource name="ERP">
<connection connectionfactoryname="BSCS_Hot"/>
</resource>
<resource name="PeopleSoft">
<connection connectionfactoryname="PS_Onyx"/>
</resource>
<resource name="Oracle">
<connection connectionfactoryname="ORA_Vinci"
connection-client-id="CredentialMapping"/>
<transaction two-phase-commit="LLR" timeout="30"/>
</resource>
<resource name="Xml">
<connection readonly="true"/>
<extension>
<jpox:xml file="file:/usr/home/myxml.xml <file:///\\usr\home\myxml.xml> "/>
</extension>
</resource>
</jdoconfig>
<jdo>
<package>
<class name="Invoice" resource="ERP"/>
<class name="ClassData"/> <!-- uses default-resource -->
<class name="Person" resource="PeopleSoft"/>
<class name="ReferenceData" resource="Xml"/>
</package>
</jdo>
Quoting Michelle Caisse <Mi...@sun.com>:
> Hi,
>
> We will have our regular meeting Friday, October 26 at 9 am PDT to
> discuss JDO TCK issues and status.
>
> Dial-in numbers are:
> 866 230-6968 294-0479#
> International: +1 865 544-7856
>
> Agenda:
>
> 1. Subquery spec update
> 2. Other issues
>
> Action Items from weeks past:
>
> [Oct 12 2007] AI Michael take a look at subquery tck tests.
> https://issues.apache.org/jira/browse/JDO-446
>
> [Sep 14 2007] AI Matthew provide examples for 8.6.1.1 jdoconfig.xml.
>
> [June 22 2007] AI Craig discuss svn:eol-style on email.
>
> [June 22 2007] AI Craig write a proposal on annotation overrides for
> the expert group.
>
> [May 25 2007] AI everyone Download the Grails demo from grails.org and
> check it out. Also look at Grails/Groovy ExpandoMetaClass that has the
> magic to avoid reflection and enhancement.
>
> [May 25 2007] AI Matthew Adams prepare a proposal with just the basics
> of schema synchronization with jdo and orm metadata.
>
> [May 18 2007] AI Craig update http://wiki.apache.org/jdo/
> CurrentDevelopment wiki page
>
> [Apr 27 2007] AI Craig review Query API and send email to experts.
>
> [Apr 27 2007] AI Erik file a JIRA regarding JPA style transactions and
> attach his discussion document to it.
>
> [Mar 9 2007] AI Craig: Update the spec to require that the key of the
> listener is the class name of the listener, for consistency with
> proposed xml..
>
> [Mar 2 2007] AI Craig: update the JDOHelper class to include a string
> constant "META-INF/jdo.xml" and a new method
> getPersistenceManagerFactory taking no arguments.
>
> [Aug 11 2006] AI Craig propose some semantics for behavior if user
> tries to add to a list where the ordering element is incorrect.
>
> [Jul 14 2006] AI: Erik document 220 annotations that don't have a
> corresponding JDO concept.
>
> [Jun 23 2006] AI Martin look at what Hibernate and TopLink support
> for Enum types. In progress.
>
> [Apr 14 2006] AI Craig: update the roadmap for JDO. In progress.
>
> [Nov 4 2005] AI Martin: Update Martin's wiki with discusion of JDK 1.5
> issues. In progress
>
> [Sep 2 2005] AI: To recruit members, update the web site. Articles on
> TheServerSide directing attention to the site. T-shirts, logo. AI:
> Craig write a ServerSide article.
>
> -- Michelle
>
> >
>
Re: multiple databases one PM/TX
Posted by Matthew Adams <ma...@matthewadams.org>.
Hi all,
I like that JDO allows implementations to support this, and I do feel
that this could be a differentiator from JPA. The things that come
to my mind are the following:
* this should be an optional feature so that we don't slow down
implementations from being compliant
* we should examine the proposed JDO 2.1 metadata formats to ensure
that it can support but not require multiple data sources
* we need to examine the impact of configuring multiple data sources
on the API (i.e., new method JDOHelper.getPersistenceManagerFactory
(String... names), PersistenceManager#getDataStoreConnection() &
JDOConnection#getNativeConnection?)
* configuration of JTA and the coordination of transactions across
all data sources
* this would slow down work on 2.1 -- can we add in another
maintenance release?
-matthew
On Oct 29, 2007, at 10:05 AM, Eric Samson wrote:
> Hello Erik,
>
>
>
> Once again you start an important topic here! :-)
>
>
>
> We also are working on a multi-data sources PMF.
>
>
>
> I think the name "resource" could be confusing (I tend to prefer
> "data source").
>
>
>
> Maybe the data source properties should be defined elsewhere (as
> you can have quite complex configurations when you want to access
> non-relational data stores)?
>
>
>
> Best Regards,
>
> ....: Eric Samson, Founder & CTO, Xcalia
>
> Service your Data!
>
>
>
> -----Message d'origine-----
> De : Erik Bengtson [mailto:erik@jpox.org]
> Envoyé : vendredi 26 octobre 2007 15:49
> À : jdo-dev@db.apache.org; jdo-experts-ext@sun.com
> Objet : multiple databases one PM/TX
>
>
>
> In JPOX we are implementing the access to multiple datastores
> within a single
>
> PM/TX. If not too late, I’m wonder if you like to hear a proposal to
>
> standardize the configuration of the “jdoconfig” and jdo metadata
> to be able to
>
> handle this scenario. It may sound overkill, but IMO is a major
> advance over
>
> JPA.
>
>
>
> To introduce the subject, the goal is to handle persistence in
> multiple
>
> databases (e.g. derby, oracle, DB4O, Versant, XML) within a single JDO
>
> transaction/ single PM. From the user point of view, there are two
> items that
>
> must be configured, jdo metadata, jdo configuration, in which would
> be part of
>
> this proposal, so I show below an example of the configurations:
>
>
>
> /jdoconfig/ sequence unbounded PMF
>
> /jdoconfig/ sequence unbounded Resource
>
>
>
> /PMF/
>
> /PMF/@Class
>
> /PMF/@TransactionTimeout
>
> /PMF/@...
>
> /Resource/
>
> /Resource/@Name
>
> /Resource/Connection Settings/
>
> /Resource/Connection Settings/@ConnectionFactoryName
>
> /Resource/Connection Settings/@ConnectionClientID
>
> /Resource/Connection Settings/@ReadOnly
>
> /Resource/Connection Settings/@...
>
> /Resource/Transaction/
>
> /Resource/Transaction/@TwoPhaseCommit
>
> /Resource/Transaction/@Timeout
>
>
>
> ConnectionClientID
>
> ----------------------------
>
> ConnectionClientID is the identifier for the connection. Some
> databases such as
>
> Oracle use this to identify the end user (not the connection user).
>
> ConnectionClientID would accept the values:
>
>
>
> 1 - CredentialMapping - the CredentialMapping takes the principal
> of the running
>
> application and sets it as client id - eg.
> ConnectionClientID=CredentialMapping
>
> 2 - Identity – the client id is taken from the id right after the
> Identity word
>
> - eg. ConnectionClientID=Identity:MyUser
>
>
>
> ReadOnly
>
> ----------------------------
>
> ReadOnly (accepts true, false) will block write operations to this
> connection
>
>
>
> TwoPhaseCommit
>
> --------------------------
>
> Two options:
>
>
>
> 1 – LastLoggingResource - If the resource is non XA, push down this
> resource in
>
> commit order.
>
> 2 – Emulated – Emulates non XA protocol. Heuristics errors could
> happen
>
>
>
> Example:
>
>
>
> <jdoconfig>
>
>
>
> <pmf name=”snowdog” default-resource=”Oracle”>
>
> </pmf>
>
>
>
> <resource name=”ERP”>
>
> <connection connectionfactoryname=”BSCS_Hot”/>
>
> </resource>
>
>
>
> <resource name=”PeopleSoft”>
>
> <connection connectionfactoryname=”PS_Onyx”/>
>
> </resource>
>
>
>
> <resource name=”Oracle”>
>
> <connection connectionfactoryname=”ORA_Vinci”
>
> connection-client-id=”CredentialMapping”/>
>
> <transaction two-phase-commit=”LLR” timeout=”30”/>
>
> </resource>
>
>
>
> <resource name=”Xml”>
>
> <connection readonly=”true”/>
>
> <extension>
>
> <jpox:xml file=”file:/usr/home/myxml.xml”/>
>
> </extension>
>
> </resource>
>
>
>
>
>
> </jdoconfig>
>
>
>
> <jdo>
>
> <package>
>
> <class name=”Invoice” resource=”ERP”/>
>
> <class name=”ClassData”/> <!-- uses default-resource -->
>
> <class name=”Person” resource=”PeopleSoft”/>
>
> <class name=”ReferenceData” resource=”Xml”/>
>
> </package>
>
> </jdo>
>
>
>
>
>
>
>
>
>
> Quoting Michelle Caisse <Mi...@sun.com>:
>
>
>
> > Hi,
>
> >
>
> > We will have our regular meeting Friday, October 26 at 9 am PDT to
>
> > discuss JDO TCK issues and status.
>
> >
>
> > Dial-in numbers are:
>
> > 866 230-6968 294-0479#
>
> > International: +1 865 544-7856
>
> >
>
> > Agenda:
>
> >
>
> > 1. Subquery spec update
>
> > 2. Other issues
>
> >
>
> > Action Items from weeks past:
>
> >
>
> > [Oct 12 2007] AI Michael take a look at subquery tck tests.
>
> > https://issues.apache.org/jira/browse/JDO-446
>
> >
>
> > [Sep 14 2007] AI Matthew provide examples for 8.6.1.1 jdoconfig.xml.
>
> >
>
> > [June 22 2007] AI Craig discuss svn:eol-style on email.
>
> >
>
> > [June 22 2007] AI Craig write a proposal on annotation overrides for
>
> > the expert group.
>
> >
>
> > [May 25 2007] AI everyone Download the Grails demo from
> grails.org and
>
> > check it out. Also look at Grails/Groovy ExpandoMetaClass that
> has the
>
> > magic to avoid reflection and enhancement.
>
> >
>
> > [May 25 2007] AI Matthew Adams prepare a proposal with just the
> basics
>
> > of schema synchronization with jdo and orm metadata.
>
> >
>
> > [May 18 2007] AI Craig update http://wiki.apache.org/jdo/
>
> > CurrentDevelopment wiki page
>
> >
>
> > [Apr 27 2007] AI Craig review Query API and send email to experts.
>
> >
>
> > [Apr 27 2007] AI Erik file a JIRA regarding JPA style
> transactions and
>
> > attach his discussion document to it.
>
> >
>
> > [Mar 9 2007] AI Craig: Update the spec to require that the key of
> the
>
> > listener is the class name of the listener, for consistency with
>
> > proposed xml..
>
> >
>
> > [Mar 2 2007] AI Craig: update the JDOHelper class to include a
> string
>
> > constant "META-INF/jdo.xml" and a new method
>
> > getPersistenceManagerFactory taking no arguments.
>
> >
>
> > [Aug 11 2006] AI Craig propose some semantics for behavior if user
>
> > tries to add to a list where the ordering element is incorrect.
>
> >
>
> > [Jul 14 2006] AI: Erik document 220 annotations that don't have a
>
> > corresponding JDO concept.
>
> >
>
> > [Jun 23 2006] AI Martin look at what Hibernate and TopLink support
>
> > for Enum types. In progress.
>
> >
>
> > [Apr 14 2006] AI Craig: update the roadmap for JDO. In progress.
>
> >
>
> > [Nov 4 2005] AI Martin: Update Martin's wiki with discusion of
> JDK 1.5
>
> > issues. In progress
>
> >
>
> > [Sep 2 2005] AI: To recruit members, update the web site.
> Articles on
>
> > TheServerSide directing attention to the site. T-shirts, logo.
> AI:
>
> > Craig write a ServerSide article.
>
> >
>
> > -- Michelle
>
> >
>
> > >
>
> >
>
>
>
>
>
>
>
>
RE: multiple databases one PM/TX
Posted by Eric Samson <er...@xcalia.com>.
Hello Erik,
Once again you start an important topic here! :-)
We also are working on a multi-data sources PMF.
I think the name "resource" could be confusing (I tend to prefer "data source").
Maybe the data source properties should be defined elsewhere (as you can have quite complex configurations when you want to access non-relational data stores)?
Best Regards,
....: Eric Samson, Founder & CTO, Xcalia
Service your Data!
-----Message d'origine-----
De : Erik Bengtson [mailto:erik@jpox.org]
Envoyé : vendredi 26 octobre 2007 15:49
À : jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : multiple databases one PM/TX
In JPOX we are implementing the access to multiple datastores within a single
PM/TX. If not too late, I'm wonder if you like to hear a proposal to
standardize the configuration of the "jdoconfig" and jdo metadata to be able to
handle this scenario. It may sound overkill, but IMO is a major advance over
JPA.
To introduce the subject, the goal is to handle persistence in multiple
databases (e.g. derby, oracle, DB4O, Versant, XML) within a single JDO
transaction/ single PM. From the user point of view, there are two items that
must be configured, jdo metadata, jdo configuration, in which would be part of
this proposal, so I show below an example of the configurations:
/jdoconfig/ sequence unbounded PMF
/jdoconfig/ sequence unbounded Resource
/PMF/
/PMF/@Class
/PMF/@TransactionTimeout
/PMF/@...
/Resource/
/Resource/@Name
/Resource/Connection Settings/
/Resource/Connection Settings/@ConnectionFactoryName
/Resource/Connection Settings/@ConnectionClientID
/Resource/Connection Settings/@ReadOnly
/Resource/Connection Settings/@...
/Resource/Transaction/
/Resource/Transaction/@TwoPhaseCommit
/Resource/Transaction/@Timeout
ConnectionClientID
----------------------------
ConnectionClientID is the identifier for the connection. Some databases such as
Oracle use this to identify the end user (not the connection user).
ConnectionClientID would accept the values:
1 - CredentialMapping - the CredentialMapping takes the principal of the running
application and sets it as client id - eg. ConnectionClientID=CredentialMapping
2 - Identity - the client id is taken from the id right after the Identity word
- eg. ConnectionClientID=Identity:MyUser
ReadOnly
----------------------------
ReadOnly (accepts true, false) will block write operations to this connection
TwoPhaseCommit
--------------------------
Two options:
1 - LastLoggingResource - If the resource is non XA, push down this resource in
commit order.
2 - Emulated - Emulates non XA protocol. Heuristics errors could happen
Example:
<jdoconfig>
<pmf name="snowdog" default-resource="Oracle">
</pmf>
<resource name="ERP">
<connection connectionfactoryname="BSCS_Hot"/>
</resource>
<resource name="PeopleSoft">
<connection connectionfactoryname="PS_Onyx"/>
</resource>
<resource name="Oracle">
<connection connectionfactoryname="ORA_Vinci"
connection-client-id="CredentialMapping"/>
<transaction two-phase-commit="LLR" timeout="30"/>
</resource>
<resource name="Xml">
<connection readonly="true"/>
<extension>
<jpox:xml file="file:/usr/home/myxml.xml"/>
</extension>
</resource>
</jdoconfig>
<jdo>
<package>
<class name="Invoice" resource="ERP"/>
<class name="ClassData"/> <!-- uses default-resource -->
<class name="Person" resource="PeopleSoft"/>
<class name="ReferenceData" resource="Xml"/>
</package>
</jdo>
Quoting Michelle Caisse <Mi...@sun.com>:
> Hi,
>
> We will have our regular meeting Friday, October 26 at 9 am PDT to
> discuss JDO TCK issues and status.
>
> Dial-in numbers are:
> 866 230-6968 294-0479#
> International: +1 865 544-7856
>
> Agenda:
>
> 1. Subquery spec update
> 2. Other issues
>
> Action Items from weeks past:
>
> [Oct 12 2007] AI Michael take a look at subquery tck tests.
> https://issues.apache.org/jira/browse/JDO-446
>
> [Sep 14 2007] AI Matthew provide examples for 8.6.1.1 jdoconfig.xml.
>
> [June 22 2007] AI Craig discuss svn:eol-style on email.
>
> [June 22 2007] AI Craig write a proposal on annotation overrides for
> the expert group.
>
> [May 25 2007] AI everyone Download the Grails demo from grails.org and
> check it out. Also look at Grails/Groovy ExpandoMetaClass that has the
> magic to avoid reflection and enhancement.
>
> [May 25 2007] AI Matthew Adams prepare a proposal with just the basics
> of schema synchronization with jdo and orm metadata.
>
> [May 18 2007] AI Craig update http://wiki.apache.org/jdo/
> CurrentDevelopment wiki page
>
> [Apr 27 2007] AI Craig review Query API and send email to experts.
>
> [Apr 27 2007] AI Erik file a JIRA regarding JPA style transactions and
> attach his discussion document to it.
>
> [Mar 9 2007] AI Craig: Update the spec to require that the key of the
> listener is the class name of the listener, for consistency with
> proposed xml..
>
> [Mar 2 2007] AI Craig: update the JDOHelper class to include a string
> constant "META-INF/jdo.xml" and a new method
> getPersistenceManagerFactory taking no arguments.
>
> [Aug 11 2006] AI Craig propose some semantics for behavior if user
> tries to add to a list where the ordering element is incorrect.
>
> [Jul 14 2006] AI: Erik document 220 annotations that don't have a
> corresponding JDO concept.
>
> [Jun 23 2006] AI Martin look at what Hibernate and TopLink support
> for Enum types. In progress.
>
> [Apr 14 2006] AI Craig: update the roadmap for JDO. In progress.
>
> [Nov 4 2005] AI Martin: Update Martin's wiki with discusion of JDK 1.5
> issues. In progress
>
> [Sep 2 2005] AI: To recruit members, update the web site. Articles on
> TheServerSide directing attention to the site. T-shirts, logo. AI:
> Craig write a ServerSide article.
>
> -- Michelle
>
> >
>
Re: securing data in JDO
Posted by Matthew Adams <ma...@matthewadams.org>.
Two things:
1. Spring has never been an all-or-nothing proposition. It goes to
great lengths to ensure that only those portions of Spring that
provide you value can be used. See http://www.acegisecurity.org/
standalone.html.
2. I don't really think that domain object security is something that
should be addressed by JDO. This is a classic example of AOP and I
don't think we need to do anything in JDO to explicitly address
this. Spring Security (formerly called "Acegi") provides facilities
for domain object security (see http://www.acegisecurity.org/guide/
springsecurity.html#domain-acls).
If JDO, an SE spec, is to consider domain object security at all,
which I don't think it should, it should wait to see what the JCP
proposes for this kind of security. Is it time for a new JSR on
security? Maybe. Since I tend to favor lagging specs and the only
mature domain object security implementation out there is Spring
Security, I don't think that it's quite time for it.
My $0.02,
Matthew
On Oct 30, 2007, at 5:28 AM, Eric Samson wrote:
> Before we reinvent the wheel, is there any reasonably correct
> framework available out there we can look at as a starting basis?
>
> Some often mention ACEGI, but I’m not sure it is really usable
> outside Spring. Matthew: any comment on this?
>
>
>
> Best Regards,
>
> ....: Eric Samson, Founder & CTO, xcalia
>
> Service your Data!
>
> De : Erik Bengtson [mailto:erik@jpox.org]
> Envoyé : lundi 29 octobre 2007 20:00
> À : Eric Samson; jdo-dev@db.apache.org; jdo-experts-ext@sun.com
> Objet : RE: securing data in JDO
>
>
>
> Eric,
>
>
>
> Thanks for your feedback. Perhaps I should put down my requirements
> to fuel the discussion.
>
>
>
> The JDO implementation should be capable of performing security
> checks on data access based on context credentials.
>
>
>
> JDO needs authorization of data access. Authentication is done
> externally.
>
>
>
> Security Credentials:
>
> - principals
>
> - roles
>
> - etc
>
>
>
> Permissions:
>
> - read
>
> - write
>
> - delete
>
> - create
>
>
>
> Data Permissions
>
> - defined sets of data with access denied/granted
>
>
>
> Decision points:
>
> - instance access
>
> - field access
>
> - data access
>
>
>
> Configurable Actions:
>
> - java exceptions
>
> - no ops (so no state transitions)
>
>
>
> Queries:
>
> - The access denied to data would make results invisible to user –
> either the data is not retrieved from database, or discarded upon
> retrieval – implementation choice.
>
>
>
> Detached:
>
> - detached objects also need security checks. It’s possible that
> security context changes over time during the lifecycle of the
> detached objects.
>
>
>
> I agree with the independent standard for general security, and the
> best would be a standard meta framework to perform the decision of
> granting/denying access to data based on its policies.
>
>
>
> However we need a framework to cope with data access and I don’t
> see any light of that coming from a std committee.
>
>
>
> Regards
>
>
>
>
>
> De : Eric Samson [mailto:eric@xcalia.com]
> Envoyé : lundi 29 octobre 2007 17:13
> À : Erik Bengtson; jdo-dev@db.apache.org; jdo-experts-ext@sun.com
> Objet : RE: securing data in JDO
>
>
>
> Hello Erik,
>
>
>
> You are starting a very important debate here.
>
>
>
> My first opinion is that, ideally, security should not be defined
> as part of a persistence standard, as it is a general need in the
> Java world.
>
> IMHO, it should be specified as a complete and independent standard
> within the JCP, but I don’t know what’s Sun’s vision about that
> question.
>
>
>
> That said, I fully agree a persistence layer needs a security
> mechanism.
>
> Maybe it is even more important to be able to plug a security
> mechanism into JDO than defining a new security model…
>
>
>
> I don't really like having the security policies and ACLs defined
> in the mapping or JDO metadata.
>
>
>
> About raising exceptions: I think users want to configure that.
>
> For instance, instead of raising Exceptions we could define a new
> state in the StateManager indicating that a value has not be loaded
> due to active security policies.
>
>
>
> Thank you Erik for having started the debate and let’s see where it
> will go.
>
>
>
> Best Regards,
>
> ....: Eric Samson, Founder & CTO, Xcalia
>
> Service your Data!
>
>
>
> -----Message d'origine-----
> De : Erik Bengtson [mailto:erik@jpox.org]
> Envoyé : vendredi 26 octobre 2007 18:04
> À : jdo-dev@db.apache.org; jdo-experts-ext@sun.com
> Objet : securing data in JDO
>
>
>
> I would like also to get some feedback about controlling access to
> data in a
>
> standard JDO:
>
>
>
> - Users should be able to specify fine grained access control
> to persistent
>
> objects.
>
> - JDO implementations raise exceptions if the authenticated
> user does not fit
>
> into the role specified in the metadata
>
>
>
> e.g.
>
>
>
> <jdo>
>
> <package>
>
> <class name=”Person”>
>
> <security principal=”adminuser”/>
>
> </class>
>
> </package>
>
> </jdo>
>
>
>
> Or
>
>
>
> <jdo>
>
> <package>
>
> <class name=”Person”>
>
> <field name=”controlCode”>
>
> <security principal=”superuser”/>
>
> </field>
>
> </class>
>
> </package>
>
> </jdo>
>
>
>
>
>
> The user code:
>
>
>
> Person.getControlCode(); //If the principal is not valid, a
> JDOSecurityException
>
> is raised.
>
>
>
> A JDOQL:
>
>
>
> SELECT controlCode FROM Person //If the principal is not valid
> when evaluating
>
> the query (not when compiling), a JDOSecurityException is raised.
>
>
>
>
RE: securing data in JDO
Posted by Eric Samson <er...@xcalia.com>.
Before we reinvent the wheel, is there any reasonably correct framework available out there we can look at as a starting basis?
Some often mention ACEGI, but I'm not sure it is really usable outside Spring. Matthew: any comment on this?
Best Regards,
....: Eric Samson, Founder & CTO, xcalia
Service your Data!
De : Erik Bengtson [mailto:erik@jpox.org]
Envoyé : lundi 29 octobre 2007 20:00
À : Eric Samson; jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : RE: securing data in JDO
Eric,
Thanks for your feedback. Perhaps I should put down my requirements to fuel the discussion.
The JDO implementation should be capable of performing security checks on data access based on context credentials.
JDO needs authorization of data access. Authentication is done externally.
Security Credentials:
- principals
- roles
- etc
Permissions:
- read
- write
- delete
- create
Data Permissions
- defined sets of data with access denied/granted
Decision points:
- instance access
- field access
- data access
Configurable Actions:
- java exceptions
- no ops (so no state transitions)
Queries:
- The access denied to data would make results invisible to user - either the data is not retrieved from database, or discarded upon retrieval - implementation choice.
Detached:
- detached objects also need security checks. It's possible that security context changes over time during the lifecycle of the detached objects.
I agree with the independent standard for general security, and the best would be a standard meta framework to perform the decision of granting/denying access to data based on its policies.
However we need a framework to cope with data access and I don't see any light of that coming from a std committee.
Regards
De : Eric Samson [mailto:eric@xcalia.com]
Envoyé : lundi 29 octobre 2007 17:13
À : Erik Bengtson; jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : RE: securing data in JDO
Hello Erik,
You are starting a very important debate here.
My first opinion is that, ideally, security should not be defined as part of a persistence standard, as it is a general need in the Java world.
IMHO, it should be specified as a complete and independent standard within the JCP, but I don't know what's Sun's vision about that question.
That said, I fully agree a persistence layer needs a security mechanism.
Maybe it is even more important to be able to plug a security mechanism into JDO than defining a new security model...
I don't really like having the security policies and ACLs defined in the mapping or JDO metadata.
About raising exceptions: I think users want to configure that.
For instance, instead of raising Exceptions we could define a new state in the StateManager indicating that a value has not be loaded due to active security policies.
Thank you Erik for having started the debate and let's see where it will go.
Best Regards,
....: Eric Samson, Founder & CTO, Xcalia
Service your Data!
-----Message d'origine-----
De : Erik Bengtson [mailto:erik@jpox.org]
Envoyé : vendredi 26 octobre 2007 18:04
À : jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : securing data in JDO
I would like also to get some feedback about controlling access to data in a
standard JDO:
- Users should be able to specify fine grained access control to persistent
objects.
- JDO implementations raise exceptions if the authenticated user does not fit
into the role specified in the metadata
e.g.
<jdo>
<package>
<class name="Person">
<security principal="adminuser"/>
</class>
</package>
</jdo>
Or
<jdo>
<package>
<class name="Person">
<field name="controlCode">
<security principal="superuser"/>
</field>
</class>
</package>
</jdo>
The user code:
Person.getControlCode(); //If the principal is not valid, a JDOSecurityException
is raised.
A JDOQL:
SELECT controlCode FROM Person //If the principal is not valid when evaluating
the query (not when compiling), a JDOSecurityException is raised.
RE: securing data in JDO
Posted by Erik Bengtson <er...@jpox.org>.
Eric,
Thanks for your feedback. Perhaps I should put down my requirements to fuel
the discussion.
The JDO implementation should be capable of performing security checks on
data access based on context credentials.
JDO needs authorization of data access. Authentication is done externally.
Security Credentials:
- principals
- roles
- etc
Permissions:
- read
- write
- delete
- create
Data Permissions
- defined sets of data with access denied/granted
Decision points:
- instance access
- field access
- data access
Configurable Actions:
- java exceptions
- no ops (so no state transitions)
Queries:
- The access denied to data would make results invisible to user either
the data is not retrieved from database, or discarded upon retrieval
implementation choice.
Detached:
- detached objects also need security checks. Its possible that security
context changes over time during the lifecycle of the detached objects.
I agree with the independent standard for general security, and the best
would be a standard meta framework to perform the decision of
granting/denying access to data based on its policies.
However we need a framework to cope with data access and I dont see any
light of that coming from a std committee.
Regards
De : Eric Samson [mailto:eric@xcalia.com]
Envoyé : lundi 29 octobre 2007 17:13
À : Erik Bengtson; jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : RE: securing data in JDO
Hello Erik,
You are starting a very important debate here.
My first opinion is that, ideally, security should not be defined as part of
a persistence standard, as it is a general need in the Java world.
IMHO, it should be specified as a complete and independent standard within
the JCP, but I dont know whats Suns vision about that question.
That said, I fully agree a persistence layer needs a security mechanism.
Maybe it is even more important to be able to plug a security mechanism into
JDO than defining a new security model
I don't really like having the security policies and ACLs defined in the
mapping or JDO metadata.
About raising exceptions: I think users want to configure that.
For instance, instead of raising Exceptions we could define a new state in
the StateManager indicating that a value has not be loaded due to active
security policies.
Thank you Erik for having started the debate and lets see where it will go.
Best Regards,
....: Eric Samson, Founder & CTO, Xcalia
Service your Data!
-----Message d'origine-----
De : Erik Bengtson [mailto:erik@jpox.org]
Envoyé : vendredi 26 octobre 2007 18:04
À : jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : securing data in JDO
I would like also to get some feedback about controlling access to data in a
standard JDO:
- Users should be able to specify fine grained access control to
persistent
objects.
- JDO implementations raise exceptions if the authenticated user does
not fit
into the role specified in the metadata
e.g.
<jdo>
<package>
<class name=Person>
<security principal=adminuser/>
</class>
</package>
</jdo>
Or
<jdo>
<package>
<class name=Person>
<field name=controlCode>
<security principal=superuser/>
</field>
</class>
</package>
</jdo>
The user code:
Person.getControlCode(); //If the principal is not valid, a
JDOSecurityException
is raised.
A JDOQL:
SELECT controlCode FROM Person //If the principal is not valid when
evaluating
the query (not when compiling), a JDOSecurityException is raised.
RE: securing data in JDO
Posted by Eric Samson <er...@xcalia.com>.
Hello Erik,
You are starting a very important debate here.
My first opinion is that, ideally, security should not be defined as part of a persistence standard, as it is a general need in the Java world.
IMHO, it should be specified as a complete and independent standard within the JCP, but I don't know what's Sun's vision about that question.
That said, I fully agree a persistence layer needs a security mechanism.
Maybe it is even more important to be able to plug a security mechanism into JDO than defining a new security model...
I don't really like having the security policies and ACLs defined in the mapping or JDO metadata.
About raising exceptions: I think users want to configure that.
For instance, instead of raising Exceptions we could define a new state in the StateManager indicating that a value has not be loaded due to active security policies.
Thank you Erik for having started the debate and let's see where it will go.
Best Regards,
....: Eric Samson, Founder & CTO, Xcalia
Service your Data!
-----Message d'origine-----
De : Erik Bengtson [mailto:erik@jpox.org]
Envoyé : vendredi 26 octobre 2007 18:04
À : jdo-dev@db.apache.org; jdo-experts-ext@sun.com
Objet : securing data in JDO
I would like also to get some feedback about controlling access to data in a
standard JDO:
- Users should be able to specify fine grained access control to persistent
objects.
- JDO implementations raise exceptions if the authenticated user does not fit
into the role specified in the metadata
e.g.
<jdo>
<package>
<class name="Person">
<security principal="adminuser"/>
</class>
</package>
</jdo>
Or
<jdo>
<package>
<class name="Person">
<field name="controlCode">
<security principal="superuser"/>
</field>
</class>
</package>
</jdo>
The user code:
Person.getControlCode(); //If the principal is not valid, a JDOSecurityException
is raised.
A JDOQL:
SELECT controlCode FROM Person //If the principal is not valid when evaluating
the query (not when compiling), a JDOSecurityException is raised.
securing data in JDO
Posted by Erik Bengtson <er...@jpox.org>.
I would like also to get some feedback about controlling access to data in a
standard JDO:
- Users should be able to specify fine grained access control to persistent
objects.
- JDO implementations raise exceptions if the authenticated user does not fit
into the role specified in the metadata
e.g.
<jdo>
<package>
<class name=Person>
<security principal=adminuser/>
</class>
</package>
</jdo>
Or
<jdo>
<package>
<class name=Person>
<field name=controlCode>
<security principal=superuser/>
</field>
</class>
</package>
</jdo>
The user code:
Person.getControlCode(); //If the principal is not valid, a JDOSecurityException
is raised.
A JDOQL:
SELECT controlCode FROM Person //If the principal is not valid when evaluating
the query (not when compiling), a JDOSecurityException is raised.