Skip site navigation (1) Skip section navigation (2)

FW: optional JAAS login - attachment

From: "Kronus David" <kronda(at)atlas(dot)cz>
To: <pgsql-jdbc(at)postgresql(dot)org>
Subject: FW: optional JAAS login - attachment
Date: 2010-03-05 21:51:37
Message-ID: 832f294977d2441781fd3be90e7c2a5f@04d1395a64934c49a9ea5cf31a62c65e (view raw or flat)
Thread:
Lists: pgsql-jdbc
Ok, sorry, forgot to attach the patch. Here it is.
David



>---------------------------------------------------------
>Od: Kronus David
>Přijato: 5.3.2010 22:48:12
>Předmět: optional JAAS login
>
>Hi pgjdbc devs,
>I made a little change in the driver for myself and I'd like to offer it for inclusion in the official distribution.
>
>I was experimenting with the JAAS+GSS authentication provided by the driver and found out that I'd like to have the possibility to perform the JAAS login myself in the application that uses your pgjdbc driver. This means that I'd like to have the possibility of a full control of the creation of LoginContext. Currently the driver always creates this object, the only configurable thing is the name of JAAS configuration to be used. However, problems include specification of JAAS login.conf file location (I know, there is this java system property but that's really not much flexible) and the possibility to provide some functional implementation of the callback which might ask for a password if needed (currently if there are no valid credentials in the ticketcache and there was no password provided initially to the driver, the authentication fails - it's much better to have the possibility to ask for the password only when needed, I guess).
>
>On the hand I understand that for many uses it's handy to have the plugin actually perform the login so I decided to go with parameter 'performJaasLogin' which is true by default and can be set to 'false' in the connection URL. Then it determines whether the login is performed by the driver (value 'true') or not. The code change is trivial and I've tested it - it works as expected. You might use my ant task 'jaasauth' with the standard ant task 'sql' (specify empty password) to perform the JAAS authentication if you want (look at http://dave.matfyz.cz/page/en/software.html for download and documentation of 'jaasauth').
>
>Of course if you think there is a need to modify the code change a bit let me know...
>
>Greetings!
>David

Attachment: mypatch-20100305.diff
Description: application/octet-stream (2.0 KB)

pgsql-jdbc by date

Next:From: Thomas KellererDate: 2010-03-07 21:45:49
Subject: Driver not returning the type for TYPEs
Previous:From: Kronus DavidDate: 2010-03-05 21:48:11
Subject: optional JAAS login

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group