How to use a DataSource from JNDI?

[Paulo Pires <pj...@ubiwhere.com>]

Hi all,

How can one define a DataSource in 'shiro.ini' pointing to a JNDI. For
instance, I have the following properties set:

ds = com.jolbox.bonecp.BoneCPDataSource
ds.driverClass=com.mysql.jdbc.Driver
ds.jdbcUrl=jdbc:mysql://localhost:3306/simple_shiro_web_app
ds.username = root
ds.password = 123qwe
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource=$ds

Unfortunately, everyone that has access to my WAR package is able to
read this configuration and eventually misuse it. And I don't want to
discuss here that I could create a MySQL user with read-only permissions
to the tables Shiro needs. That's not my point.

What I'd really like, is to simply refer a JNDI path like this:
# DataSource previously configured in the container
ds = jdbc/myDS
jdbcRealm.datasource = $ds

Is this even possible? If not, would it interest anyone else?

Cheers,

-- 
Paulo Pires

Re: How to use a DataSource from JNDI?

[Paulo Pires <pj...@ubiwhere.com>]

See inline.

Thank you so much Jared,
PP

On 21/05/12 17:00, Jared Bunting wrote:
> I've cloned your repository, added the jndi config, and submitted a 
> pull request.  I was able to get it working using the exact same 
> datasource setup as you had in shiro.ini.
>
> If you run this with jetty (mvn jetty:run) then you can see it work.  A 
> couple of things to mention:
>
> 1. Logging is working great in the jetty setup.  This leads me to 
> believe that glassfish is somehow overriding your logging 
> configuration.  I recommend consulting glassfish documentation.

Yes, this may be the issue.

> 2. I don't know how to setup a jndi resource in glassfish.  Again, 
> you'll need to consult the glassfish documentation for that.
It's rather easy, actually.

>
> In general, I find the maven-jetty-plugin to be incredibly useful for 
> determining if I have an issue in webapp, or in my appserver 
> configuration.  It also lets me run a test iteration that involves 
> deploying the webapp must faster than most other methods.

I'll try to implement glassfish-embedded as well for testing. Haven't
done it in a while, but shouldn't take much time. After those
experiments, I'll happily merge your changes. Perhaps I'll do it in a
different branch, as this commit would break my WAR deployment in
Glassfish/JBoss.

>
> -Jared
>
> On Mon 21 May 2012 05:21:21 AM CDT, Paulo Pires wrote:
>> I'm using a MySQL ConnectionPoolDataSource so I've tried with
>> requiredType = javax.sql.ConnectionPoolDataSource and =
>> com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource but both
>> failed when bootstrapping Shiro's environment.
>>
>> If I comment that property, no errors are raised but I can't login in my
>> app. Also, I've been unable to put Shiro logging into a file.
>>
>> Thanks anyway,
>> PP
>>
>> On 18/05/12 22:54, Jared Bunting wrote:
>>> I believe you can do something like this: (untested)
>>>
>>> ds = org.apache.shiro.jndi.JndiObjectFactory
>>> ds.resourceName = jdbc/myDS
>>> ds.requiredType = javax.sql.DataSource # optional, but nice for early
>>> failures
>>>
>>> jdbcRealm.datasource = $ds
>>>
>>> -Jared
>>>
>>> On Fri 18 May 2012 04:51:17 PM CDT, Paulo Pires wrote:
>>>> Hi all,
>>>>
>>>> How can one define a DataSource in 'shiro.ini' pointing to a JNDI. For
>>>> instance, I have the following properties set:
>>>>
>>>> ds = com.jolbox.bonecp.BoneCPDataSource
>>>> ds.driverClass=com.mysql.jdbc.Driver
>>>> ds.jdbcUrl=jdbc:mysql://localhost:3306/simple_shiro_web_app
>>>> ds.username = root
>>>> ds.password = 123qwe
>>>> jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
>>>> jdbcRealm.dataSource=$ds
>>>>
>>>> Unfortunately, everyone that has access to my WAR package is able to
>>>> read this configuration and eventually misuse it. And I don't want to
>>>> discuss here that I could create a MySQL user with read-only
>>>> permissions to the tables Shiro needs. That's not my point.
>>>>
>>>> What I'd really like, is to simply refer a JNDI path like this:
>>>> # DataSource previously configured in the container
>>>> ds = jdbc/myDS
>>>> jdbcRealm.datasource = $ds
>>>>
>>>> Is this even possible? If not, would it interest anyone else?
>>>>
>>>> Cheers,
>>>> --
>>>> Paulo Pires
>

-- 
Paulo Pires

Re: How to use a DataSource from JNDI?

[Jared Bunting <ja...@peachjean.com>]

I've cloned your repository, added the jndi config, and submitted a 
pull request.  I was able to get it working using the exact same 
datasource setup as you had in shiro.ini.

If you run this with jetty (mvn jetty:run) then you can see it work.  A 
couple of things to mention:

1. Logging is working great in the jetty setup.  This leads me to 
believe that glassfish is somehow overriding your logging 
configuration.  I recommend consulting glassfish documentation.
2. I don't know how to setup a jndi resource in glassfish.  Again, 
you'll need to consult the glassfish documentation for that.

In general, I find the maven-jetty-plugin to be incredibly useful for 
determining if I have an issue in webapp, or in my appserver 
configuration.  It also lets me run a test iteration that involves 
deploying the webapp must faster than most other methods.

-Jared

On Mon 21 May 2012 05:21:21 AM CDT, Paulo Pires wrote:
> I'm using a MySQL ConnectionPoolDataSource so I've tried with
> requiredType = javax.sql.ConnectionPoolDataSource and =
> com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource but both
> failed when bootstrapping Shiro's environment.
>
> If I comment that property, no errors are raised but I can't login in my
> app. Also, I've been unable to put Shiro logging into a file.
>
> Thanks anyway,
> PP
>
> On 18/05/12 22:54, Jared Bunting wrote:
>> I believe you can do something like this: (untested)
>>
>> ds = org.apache.shiro.jndi.JndiObjectFactory
>> ds.resourceName = jdbc/myDS
>> ds.requiredType = javax.sql.DataSource # optional, but nice for early
>> failures
>>
>> jdbcRealm.datasource = $ds
>>
>> -Jared
>>
>> On Fri 18 May 2012 04:51:17 PM CDT, Paulo Pires wrote:
>>> Hi all,
>>>
>>> How can one define a DataSource in 'shiro.ini' pointing to a JNDI. For
>>> instance, I have the following properties set:
>>>
>>> ds = com.jolbox.bonecp.BoneCPDataSource
>>> ds.driverClass=com.mysql.jdbc.Driver
>>> ds.jdbcUrl=jdbc:mysql://localhost:3306/simple_shiro_web_app
>>> ds.username = root
>>> ds.password = 123qwe
>>> jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
>>> jdbcRealm.dataSource=$ds
>>>
>>> Unfortunately, everyone that has access to my WAR package is able to
>>> read this configuration and eventually misuse it. And I don't want to
>>> discuss here that I could create a MySQL user with read-only
>>> permissions to the tables Shiro needs. That's not my point.
>>>
>>> What I'd really like, is to simply refer a JNDI path like this:
>>> # DataSource previously configured in the container
>>> ds = jdbc/myDS
>>> jdbcRealm.datasource = $ds
>>>
>>> Is this even possible? If not, would it interest anyone else?
>>>
>>> Cheers,
>>> --
>>> Paulo Pires
>>
>

Re: How to use a DataSource from JNDI?

[Paulo Pires <pj...@ubiwhere.com>]

I'm using a MySQL ConnectionPoolDataSource so I've tried with
requiredType = javax.sql.ConnectionPoolDataSource and =
com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource but both
failed when bootstrapping Shiro's environment.

If I comment that property, no errors are raised but I can't login in my
app. Also, I've been unable to put Shiro logging into a file.

Thanks anyway,
PP

On 18/05/12 22:54, Jared Bunting wrote:
> I believe you can do something like this: (untested)
>
> ds = org.apache.shiro.jndi.JndiObjectFactory
> ds.resourceName = jdbc/myDS
> ds.requiredType = javax.sql.DataSource # optional, but nice for early 
> failures
>
> jdbcRealm.datasource = $ds
>
> -Jared
>
> On Fri 18 May 2012 04:51:17 PM CDT, Paulo Pires wrote:
>> Hi all,
>>
>> How can one define a DataSource in 'shiro.ini' pointing to a JNDI. For
>> instance, I have the following properties set:
>>
>> ds = com.jolbox.bonecp.BoneCPDataSource
>> ds.driverClass=com.mysql.jdbc.Driver
>> ds.jdbcUrl=jdbc:mysql://localhost:3306/simple_shiro_web_app
>> ds.username = root
>> ds.password = 123qwe
>> jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
>> jdbcRealm.dataSource=$ds
>>
>> Unfortunately, everyone that has access to my WAR package is able to
>> read this configuration and eventually misuse it. And I don't want to
>> discuss here that I could create a MySQL user with read-only
>> permissions to the tables Shiro needs. That's not my point.
>>
>> What I'd really like, is to simply refer a JNDI path like this:
>> # DataSource previously configured in the container
>> ds = jdbc/myDS
>> jdbcRealm.datasource = $ds
>>
>> Is this even possible? If not, would it interest anyone else?
>>
>> Cheers,
>> --
>> Paulo Pires
>

-- 
Paulo Pires

Re: How to use a DataSource from JNDI?

[Jared Bunting <ja...@peachjean.com>]

I believe you can do something like this: (untested)

ds = org.apache.shiro.jndi.JndiObjectFactory
ds.resourceName = jdbc/myDS
ds.requiredType = javax.sql.DataSource # optional, but nice for early 
failures

jdbcRealm.datasource = $ds

-Jared

On Fri 18 May 2012 04:51:17 PM CDT, Paulo Pires wrote:
> Hi all,
>
> How can one define a DataSource in 'shiro.ini' pointing to a JNDI. For
> instance, I have the following properties set:
>
> ds = com.jolbox.bonecp.BoneCPDataSource
> ds.driverClass=com.mysql.jdbc.Driver
> ds.jdbcUrl=jdbc:mysql://localhost:3306/simple_shiro_web_app
> ds.username = root
> ds.password = 123qwe
> jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
> jdbcRealm.dataSource=$ds
>
> Unfortunately, everyone that has access to my WAR package is able to
> read this configuration and eventually misuse it. And I don't want to
> discuss here that I could create a MySQL user with read-only
> permissions to the tables Shiro needs. That's not my point.
>
> What I'd really like, is to simply refer a JNDI path like this:
> # DataSource previously configured in the container
> ds = jdbc/myDS
> jdbcRealm.datasource = $ds
>
> Is this even possible? If not, would it interest anyone else?
>
> Cheers,
> --
> Paulo Pires