You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jevin Maltais <je...@techie.com> on 2007/07/03 21:57:28 UTC
How internally does a jndi resource get created?
Big picture: Trying to hide the password from the server.xml file and
instead have it in byte code in a compile version of tomcat.
I'm trying to figure out when the jndi resource is being created by
tomcat so I can change the password for a given resource. It may not
be super clean or OO style but it will work.
Tomcat is kind of overwhelming so I'm looking for help. It looks like
the HostConfig class parses the server.xml (where my database and
password is defined) and parses it from there but I'm totally lost
where it adds the Resource to JNDI lookup table.
Could someone point me in the right direction?
Cheers!
Jevin
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: How internally does a jndi resource get created?
Posted by Jevin Maltais <je...@techie.com>.
Well folks, I never would have figured that out on my own. I copied
and modified both a new BasicDataSourceFactory and BasicDataSource and
referenced it properly. It worked out.
Thanks again for your quick and friendly replies! I'll stay
subscribed to this list for sure!
Cheerio,
Jevin
On 7/4/07, David Smith <dn...@cornell.edu> wrote:
> Tomcat uses commons-beanutils to set all the parameters of
> org.apache.commons.dbcp.BasicDataSource (or actually tomcat's own
> refactored copy of it) with the attributes found in the Resource element
> in server.xml or one of the context.xml files.
>
> I think Johnny is right ... set up your own db pool. You could even
> pull the same trick with commons-beanutils that tomcat does, just catch
> where it gets to the password and handle that separately. It's easier
> and then your webapp can be more self contained and container independent.
>
> --David
>
> Johnny Kewl wrote:
> > Jevin, my curiousity got the better of me, and I tried to find it for
> > you....
> > Can see TC loading up the resource in the ResourceFactory, but it just
> > seems that nowhere does it actually read the password and pass it into
> > DBCP....
> > I havnt checked, but I have a feeling that the DBCP module gets the
> > password directly from the configuration..... I dont have the source
> > for DBCP, so couldnt check.
> >
> > Anyway, I think its just a really bad idea.... think it will be easier
> > just to setup your own dB pool, and put the passwords where ever you
> > want, thats how I do it....
> >
> > Good Luck...
> >
> > ----- Original Message ----- From: "Jevin Maltais" <je...@techie.com>
> > To: <us...@tomcat.apache.org>
> > Sent: Tuesday, July 03, 2007 9:57 PM
> > Subject: How internally does a jndi resource get created?
> >
> >
> >> Big picture: Trying to hide the password from the server.xml file and
> >> instead have it in byte code in a compile version of tomcat.
> >>
> >> I'm trying to figure out when the jndi resource is being created by
> >> tomcat so I can change the password for a given resource. It may not
> >> be super clean or OO style but it will work.
> >>
> >> Tomcat is kind of overwhelming so I'm looking for help. It looks like
> >> the HostConfig class parses the server.xml (where my database and
> >> password is defined) and parses it from there but I'm totally lost
> >> where it adds the Resource to JNDI lookup table.
> >>
> >> Could someone point me in the right direction?
> >>
> >> Cheers!
> >> Jevin
> >>
> >> ---------------------------------------------------------------------
> >> To start a new topic, e-mail: users@tomcat.apache.org
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Jevin Maltais [jevin@techie.com]
http://jevy.org
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: How internally does a jndi resource get created?
Posted by David Smith <dn...@cornell.edu>.
Tomcat uses commons-beanutils to set all the parameters of
org.apache.commons.dbcp.BasicDataSource (or actually tomcat's own
refactored copy of it) with the attributes found in the Resource element
in server.xml or one of the context.xml files.
I think Johnny is right ... set up your own db pool. You could even
pull the same trick with commons-beanutils that tomcat does, just catch
where it gets to the password and handle that separately. It's easier
and then your webapp can be more self contained and container independent.
--David
Johnny Kewl wrote:
> Jevin, my curiousity got the better of me, and I tried to find it for
> you....
> Can see TC loading up the resource in the ResourceFactory, but it just
> seems that nowhere does it actually read the password and pass it into
> DBCP....
> I havnt checked, but I have a feeling that the DBCP module gets the
> password directly from the configuration..... I dont have the source
> for DBCP, so couldnt check.
>
> Anyway, I think its just a really bad idea.... think it will be easier
> just to setup your own dB pool, and put the passwords where ever you
> want, thats how I do it....
>
> Good Luck...
>
> ----- Original Message ----- From: "Jevin Maltais" <je...@techie.com>
> To: <us...@tomcat.apache.org>
> Sent: Tuesday, July 03, 2007 9:57 PM
> Subject: How internally does a jndi resource get created?
>
>
>> Big picture: Trying to hide the password from the server.xml file and
>> instead have it in byte code in a compile version of tomcat.
>>
>> I'm trying to figure out when the jndi resource is being created by
>> tomcat so I can change the password for a given resource. It may not
>> be super clean or OO style but it will work.
>>
>> Tomcat is kind of overwhelming so I'm looking for help. It looks like
>> the HostConfig class parses the server.xml (where my database and
>> password is defined) and parses it from there but I'm totally lost
>> where it adds the Resource to JNDI lookup table.
>>
>> Could someone point me in the right direction?
>>
>> Cheers!
>> Jevin
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: How internally does a jndi resource get created?
Posted by Johnny Kewl <jo...@kewlstuff.co.za>.
Jevin, my curiousity got the better of me, and I tried to find it for
you....
Can see TC loading up the resource in the ResourceFactory, but it just seems
that nowhere does it actually read the password and pass it into DBCP....
I havnt checked, but I have a feeling that the DBCP module gets the password
directly from the configuration..... I dont have the source for DBCP, so
couldnt check.
Anyway, I think its just a really bad idea.... think it will be easier just
to setup your own dB pool, and put the passwords where ever you want, thats
how I do it....
Good Luck...
----- Original Message -----
From: "Jevin Maltais" <je...@techie.com>
To: <us...@tomcat.apache.org>
Sent: Tuesday, July 03, 2007 9:57 PM
Subject: How internally does a jndi resource get created?
> Big picture: Trying to hide the password from the server.xml file and
> instead have it in byte code in a compile version of tomcat.
>
> I'm trying to figure out when the jndi resource is being created by
> tomcat so I can change the password for a given resource. It may not
> be super clean or OO style but it will work.
>
> Tomcat is kind of overwhelming so I'm looking for help. It looks like
> the HostConfig class parses the server.xml (where my database and
> password is defined) and parses it from there but I'm totally lost
> where it adds the Resource to JNDI lookup table.
>
> Could someone point me in the right direction?
>
> Cheers!
> Jevin
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: How internally does a jndi resource get created?
Posted by Filip Hanik - Dev Lists <de...@hanik.com>.
for any <Resource> element, you can define the factory that creates the
object.
<Resource factory="my.jndi.Factory"..../>
and this factory implements the javax.naming.spi.ObjectFactory
you can also take a look at the class
org.apache.naming.factory.ResourceFactory in Tomcat, this is the default
one that does the instantiation
Filip
Jevin Maltais wrote:
> Big picture: Trying to hide the password from the server.xml file and
> instead have it in byte code in a compile version of tomcat.
>
> I'm trying to figure out when the jndi resource is being created by
> tomcat so I can change the password for a given resource. It may not
> be super clean or OO style but it will work.
>
> Tomcat is kind of overwhelming so I'm looking for help. It looks like
> the HostConfig class parses the server.xml (where my database and
> password is defined) and parses it from there but I'm totally lost
> where it adds the Resource to JNDI lookup table.
>
> Could someone point me in the right direction?
>
> Cheers!
> Jevin
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: How internally does a jndi resource get created?
Posted by Johnny Kewl <jo...@kewlstuff.co.za>.
Jevin, it actually sounds like you not just talking about JNDI and defining
your own factory, but setting the passwords programmatically for the
standard DBCP JNDI factory.... I dont think its possible, but it would be
nice to be proved wrong.
Keeping passwords in binary form, would require no more than making a class
in a library, so I think you actually talking about intercepting TC and
changing DBCP passwords.
I may be wrong but I think by the time your application even gets to run one
line of code.... its too late, especially if its a global resource, defined
in server.xml.
If you working with embedded stuff, then I think you will be able to
configure it, but if I'm not mistaken, that Catalina class via the Digester
will kick that whole process off long before it even starts your web-app, so
even if you set up a listener, by the time that fires, I think the JDBC pool
will already be full of connections made with the xml config password and
username.
I dont know.... if someone has used the JNDI DBCP facility, and the customer
says, hide those passwords.... what can one do?
----- Original Message -----
From: "Jevin Maltais" <je...@techie.com>
To: <us...@tomcat.apache.org>
Sent: Tuesday, July 03, 2007 9:57 PM
Subject: How internally does a jndi resource get created?
> Big picture: Trying to hide the password from the server.xml file and
> instead have it in byte code in a compile version of tomcat.
>
> I'm trying to figure out when the jndi resource is being created by
> tomcat so I can change the password for a given resource. It may not
> be super clean or OO style but it will work.
>
> Tomcat is kind of overwhelming so I'm looking for help. It looks like
> the HostConfig class parses the server.xml (where my database and
> password is defined) and parses it from there but I'm totally lost
> where it adds the Resource to JNDI lookup table.
>
> Could someone point me in the right direction?
>
> Cheers!
> Jevin
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org