You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Paulo Pires <pj...@ubiwhere.com> on 2012/05/18 23:51:17 UTC
How to use a DataSource from JNDI?
Hi all,
How can one define a DataSource in 'shiro.ini' pointing to a JNDI. For
instance, I have the following properties set:
ds = com.jolbox.bonecp.BoneCPDataSource
ds.driverClass=com.mysql.jdbc.Driver
ds.jdbcUrl=jdbc:mysql://localhost:3306/simple_shiro_web_app
ds.username = root
ds.password = 123qwe
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource=$ds
Unfortunately, everyone that has access to my WAR package is able to
read this configuration and eventually misuse it. And I don't want to
discuss here that I could create a MySQL user with read-only permissions
to the tables Shiro needs. That's not my point.
What I'd really like, is to simply refer a JNDI path like this:
# DataSource previously configured in the container
ds = jdbc/myDS
jdbcRealm.datasource = $ds
Is this even possible? If not, would it interest anyone else?
Cheers,
--
Paulo Pires
Re: How to use a DataSource from JNDI?
Posted by Paulo Pires <pj...@ubiwhere.com>.
See inline.
Thank you so much Jared,
PP
On 21/05/12 17:00, Jared Bunting wrote:
> I've cloned your repository, added the jndi config, and submitted a
> pull request. I was able to get it working using the exact same
> datasource setup as you had in shiro.ini.
>
> If you run this with jetty (mvn jetty:run) then you can see it work. A
> couple of things to mention:
>
> 1. Logging is working great in the jetty setup. This leads me to
> believe that glassfish is somehow overriding your logging
> configuration. I recommend consulting glassfish documentation.
Yes, this may be the issue.
> 2. I don't know how to setup a jndi resource in glassfish. Again,
> you'll need to consult the glassfish documentation for that.
It's rather easy, actually.
>
> In general, I find the maven-jetty-plugin to be incredibly useful for
> determining if I have an issue in webapp, or in my appserver
> configuration. It also lets me run a test iteration that involves
> deploying the webapp must faster than most other methods.
I'll try to implement glassfish-embedded as well for testing. Haven't
done it in a while, but shouldn't take much time. After those
experiments, I'll happily merge your changes. Perhaps I'll do it in a
different branch, as this commit would break my WAR deployment in
Glassfish/JBoss.
>
> -Jared
>
> On Mon 21 May 2012 05:21:21 AM CDT, Paulo Pires wrote:
>> I'm using a MySQL ConnectionPoolDataSource so I've tried with
>> requiredType = javax.sql.ConnectionPoolDataSource and =
>> com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource but both
>> failed when bootstrapping Shiro's environment.
>>
>> If I comment that property, no errors are raised but I can't login in my
>> app. Also, I've been unable to put Shiro logging into a file.
>>
>> Thanks anyway,
>> PP
>>
>> On 18/05/12 22:54, Jared Bunting wrote:
>>> I believe you can do something like this: (untested)
>>>
>>> ds = org.apache.shiro.jndi.JndiObjectFactory
>>> ds.resourceName = jdbc/myDS
>>> ds.requiredType = javax.sql.DataSource # optional, but nice for early
>>> failures
>>>
>>> jdbcRealm.datasource = $ds
>>>
>>> -Jared
>>>
>>> On Fri 18 May 2012 04:51:17 PM CDT, Paulo Pires wrote:
>>>> Hi all,
>>>>
>>>> How can one define a DataSource in 'shiro.ini' pointing to a JNDI. For
>>>> instance, I have the following properties set:
>>>>
>>>> ds = com.jolbox.bonecp.BoneCPDataSource
>>>> ds.driverClass=com.mysql.jdbc.Driver
>>>> ds.jdbcUrl=jdbc:mysql://localhost:3306/simple_shiro_web_app
>>>> ds.username = root
>>>> ds.password = 123qwe
>>>> jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
>>>> jdbcRealm.dataSource=$ds
>>>>
>>>> Unfortunately, everyone that has access to my WAR package is able to
>>>> read this configuration and eventually misuse it. And I don't want to
>>>> discuss here that I could create a MySQL user with read-only
>>>> permissions to the tables Shiro needs. That's not my point.
>>>>
>>>> What I'd really like, is to simply refer a JNDI path like this:
>>>> # DataSource previously configured in the container
>>>> ds = jdbc/myDS
>>>> jdbcRealm.datasource = $ds
>>>>
>>>> Is this even possible? If not, would it interest anyone else?
>>>>
>>>> Cheers,
>>>> --
>>>> Paulo Pires
>
--
Paulo Pires
Re: How to use a DataSource from JNDI?
Posted by Jared Bunting <ja...@peachjean.com>.
I've cloned your repository, added the jndi config, and submitted a
pull request. I was able to get it working using the exact same
datasource setup as you had in shiro.ini.
If you run this with jetty (mvn jetty:run) then you can see it work. A
couple of things to mention:
1. Logging is working great in the jetty setup. This leads me to
believe that glassfish is somehow overriding your logging
configuration. I recommend consulting glassfish documentation.
2. I don't know how to setup a jndi resource in glassfish. Again,
you'll need to consult the glassfish documentation for that.
In general, I find the maven-jetty-plugin to be incredibly useful for
determining if I have an issue in webapp, or in my appserver
configuration. It also lets me run a test iteration that involves
deploying the webapp must faster than most other methods.
-Jared
On Mon 21 May 2012 05:21:21 AM CDT, Paulo Pires wrote:
> I'm using a MySQL ConnectionPoolDataSource so I've tried with
> requiredType = javax.sql.ConnectionPoolDataSource and =
> com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource but both
> failed when bootstrapping Shiro's environment.
>
> If I comment that property, no errors are raised but I can't login in my
> app. Also, I've been unable to put Shiro logging into a file.
>
> Thanks anyway,
> PP
>
> On 18/05/12 22:54, Jared Bunting wrote:
>> I believe you can do something like this: (untested)
>>
>> ds = org.apache.shiro.jndi.JndiObjectFactory
>> ds.resourceName = jdbc/myDS
>> ds.requiredType = javax.sql.DataSource # optional, but nice for early
>> failures
>>
>> jdbcRealm.datasource = $ds
>>
>> -Jared
>>
>> On Fri 18 May 2012 04:51:17 PM CDT, Paulo Pires wrote:
>>> Hi all,
>>>
>>> How can one define a DataSource in 'shiro.ini' pointing to a JNDI. For
>>> instance, I have the following properties set:
>>>
>>> ds = com.jolbox.bonecp.BoneCPDataSource
>>> ds.driverClass=com.mysql.jdbc.Driver
>>> ds.jdbcUrl=jdbc:mysql://localhost:3306/simple_shiro_web_app
>>> ds.username = root
>>> ds.password = 123qwe
>>> jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
>>> jdbcRealm.dataSource=$ds
>>>
>>> Unfortunately, everyone that has access to my WAR package is able to
>>> read this configuration and eventually misuse it. And I don't want to
>>> discuss here that I could create a MySQL user with read-only
>>> permissions to the tables Shiro needs. That's not my point.
>>>
>>> What I'd really like, is to simply refer a JNDI path like this:
>>> # DataSource previously configured in the container
>>> ds = jdbc/myDS
>>> jdbcRealm.datasource = $ds
>>>
>>> Is this even possible? If not, would it interest anyone else?
>>>
>>> Cheers,
>>> --
>>> Paulo Pires
>>
>
Re: How to use a DataSource from JNDI?
Posted by Paulo Pires <pj...@ubiwhere.com>.
I'm using a MySQL ConnectionPoolDataSource so I've tried with
requiredType = javax.sql.ConnectionPoolDataSource and =
com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource but both
failed when bootstrapping Shiro's environment.
If I comment that property, no errors are raised but I can't login in my
app. Also, I've been unable to put Shiro logging into a file.
Thanks anyway,
PP
On 18/05/12 22:54, Jared Bunting wrote:
> I believe you can do something like this: (untested)
>
> ds = org.apache.shiro.jndi.JndiObjectFactory
> ds.resourceName = jdbc/myDS
> ds.requiredType = javax.sql.DataSource # optional, but nice for early
> failures
>
> jdbcRealm.datasource = $ds
>
> -Jared
>
> On Fri 18 May 2012 04:51:17 PM CDT, Paulo Pires wrote:
>> Hi all,
>>
>> How can one define a DataSource in 'shiro.ini' pointing to a JNDI. For
>> instance, I have the following properties set:
>>
>> ds = com.jolbox.bonecp.BoneCPDataSource
>> ds.driverClass=com.mysql.jdbc.Driver
>> ds.jdbcUrl=jdbc:mysql://localhost:3306/simple_shiro_web_app
>> ds.username = root
>> ds.password = 123qwe
>> jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
>> jdbcRealm.dataSource=$ds
>>
>> Unfortunately, everyone that has access to my WAR package is able to
>> read this configuration and eventually misuse it. And I don't want to
>> discuss here that I could create a MySQL user with read-only
>> permissions to the tables Shiro needs. That's not my point.
>>
>> What I'd really like, is to simply refer a JNDI path like this:
>> # DataSource previously configured in the container
>> ds = jdbc/myDS
>> jdbcRealm.datasource = $ds
>>
>> Is this even possible? If not, would it interest anyone else?
>>
>> Cheers,
>> --
>> Paulo Pires
>
--
Paulo Pires
Re: How to use a DataSource from JNDI?
Posted by Jared Bunting <ja...@peachjean.com>.
I believe you can do something like this: (untested)
ds = org.apache.shiro.jndi.JndiObjectFactory
ds.resourceName = jdbc/myDS
ds.requiredType = javax.sql.DataSource # optional, but nice for early
failures
jdbcRealm.datasource = $ds
-Jared
On Fri 18 May 2012 04:51:17 PM CDT, Paulo Pires wrote:
> Hi all,
>
> How can one define a DataSource in 'shiro.ini' pointing to a JNDI. For
> instance, I have the following properties set:
>
> ds = com.jolbox.bonecp.BoneCPDataSource
> ds.driverClass=com.mysql.jdbc.Driver
> ds.jdbcUrl=jdbc:mysql://localhost:3306/simple_shiro_web_app
> ds.username = root
> ds.password = 123qwe
> jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
> jdbcRealm.dataSource=$ds
>
> Unfortunately, everyone that has access to my WAR package is able to
> read this configuration and eventually misuse it. And I don't want to
> discuss here that I could create a MySQL user with read-only
> permissions to the tables Shiro needs. That's not my point.
>
> What I'd really like, is to simply refer a JNDI path like this:
> # DataSource previously configured in the container
> ds = jdbc/myDS
> jdbcRealm.datasource = $ds
>
> Is this even possible? If not, would it interest anyone else?
>
> Cheers,
> --
> Paulo Pires