NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator's Guide

ManualsBrandsHP ManualsServerHP Integrity NonStop J-Series

361

362

363

364

365

366

367

368

369

370

Security Considerations

NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator’s Guide—596210-006

8-16

Realms

JDBCRealm provides substantial configuration flexibility to adapt to existing table and

column names, if your database structure conforms to the following requirements:



Users table: There must be a table that contains one row for every user that the

JDBCRealm must validate. The users table must contain at least the following two

columns (it might contain more if applications require them):



Username: The username to be validated by NSJSP when the user logs in.



Password: The password to be validated by NSJSP when the user logs in.

This value may be in plain text or digested. For more information on

digested password, see Digested Passwords on page 8-28.



User roles table: There must also be a table that contains one row for every valid

role that is assigned to a particular user. A user can have zero, one, or more valid

roles. The user roles table must contain at least the following two columns (it may

contain more if applications require them):



Username: The username to be validated by NSJSP (the same value as

specified in the users table).



Role name: The role name of a valid role associated with this user.

The JDBCRealm queries the database each time it is requested to authenticate a user.

Therefore, any changes to the database are immediately reflected in the information

used to authenticate users.

When a user is authenticated, the user (including the user's associated roles)

information is cached within NSJSP for the duration of a user login session. For form-

based authentication, the cached information lasts till the session times out or is

invalidated; for basic and digest authentication, the cached information lasts till the

user closes the browser. Changes to the database information for an authenticated

user are not reflected until the next login by that user.

Attributes in the JDBCRealm

Table 8-3 lists the attributes supported by the JDBCRealm.

Table 8-3. JDBCRealm Attributes (page 1 of 2)

Attribute Description

connectionName Specifies the database username to use when establishing the

JDBC connection. This attribute is not relevant when using the

Type 2 SQL/MX (or SQL/MP) driver.

connectionPassword Specifies the database password that must be used when

establishing the JDBC connection. This attribute is not relevant

when using the Type 2 SQL/MX (or SQL/MP) driver.

connectionURL Specifies the connection URL that must be passed to the JDBC

driver when establishing a database connection.