No understanding with the database connection from WAS connection pool through JNDI
https://stackoverflow.com/questions/12207843
-
29-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
i'm developing a little java client program to retrieve database connection from WAS connection pool through JNDI lookup. But this java client locates outside WAS scope. The code details as below:
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;
import java.io.*;
import java.sql.*;
import javax.sql.*;
public class WASORB {
/**
* @param args
* @throws NamingException
*/
public static void main(String[] args) throws Exception {
InitialContext initialContext = getInitialContext();
javax.sql.DataSource ds = (DataSource)initialContext.lookup("jndi/local");
Connection cn = ds.getConnection("*****", "*****");
if(cn != null)
System.out.println ("Connection ok");
String sql = "select * from ACT";
Statement st = cn.createStatement();
ResultSet rs = st.executeQuery(sql);
while(rs.next()){
System.out.println (rs.getString(2));
}
}
public static InitialContext getInitialContext() throws NamingException {
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");
env.put(Context.PROVIDER_URL,"iiop://localhost:2811");
InitialContext context = new InitialContext(env);
return context;
}
}
The code is working fine and return result correctly. But i've got two questions don't understand here:
Why do i have to provide userid/password when invoking method getConnection? From my understanding, i've already configured this authentication credential within WAS DataSource. And WAS plays the likely proxy role when my java client tries to get connection. If so, why am i required to input again here?
Once the client code gets running, there should be one connection within the WAS specific database connection pool from the point of my view. But i don't see any connection created in the connection pool. so why this happen? or am i understanding wrongly?
Thanks
Solution
Think of the security ramifications if anyone could connect to your organization's database simply by bootstrapping into JNDI. The deployer of a server application vouches for the identity of an application deployed on the server by mapping the application's resource reference to the data source's JNDI entry. Since no such vetting can be done for arbitrary clients, it is necessary for them to authenticate.
As for your connection, it can't be managed by the server since it didn't come from the server. Your connection instance is running in your client (most likely a different JVM). The server only manages connections for applications running in the server.
OTHER TIPS
I already explained that in one of my previous answers to one of your questions:
