I am running a webservice with Jersey and Spring. It's running on a tomcat server, and using the connection pool tomcat delivers.
I would like to change the user used to query the databse depending on the type of action that is needed : for example, doing a simple select doesn't require writing rights on the database. To do so, I've seen that I can use the class UserCredentialsDataSourceAdapter and modify the username and password for the current thread using setCredentialsForCurrentThread just before calling a specific JdbcTemplate method to query the databse.
But when I try to call my webservice and insert for example a row in my databse, I get the following error :
org.postgresql.util.PSQLException: FATAL: no entry in pg_hba.conf for host ?? xx.xx.xx.xx ??, user ?? nope ??,
database dummy ??, SSL inactive
I understand that error, and it seems to me that whatever I do, the internal getConnection on the connection pool will use the username and password defined in my context.xml file instead of using the ones I've put in the method.
Here's a look at my context.xml :
<Context>
<Resource name="jdbc/postgres" auth="Container"
type="javax.sql.DataSource" driverClassName="org.postgresql.Driver"
url="jdbc:postgresql://xxxx.com:5432/dummy"
username="nope" password="something" maxActive="20" maxIdle="10" maxWait="-1"
removeAbandoned="true" removeAbandonedTimeout="60" logAbandoned="true"/>
</Context>
I also saw that I could use the attribute alternateUsernameAllowed="true" in my context.xml file, but that didn't change anything to the problem. (reference : http://ift.tt/1mZiOqJ )
I am using Tomcat 7.0.53 and Spring 4.
Any ideas on how to change the credentials on the fly ?
In the event that I can't find any suitable answer, is what I am trying to do a good pratice ? Or should I rather use a global user for all my database queries and don't apply a specific user ? It seems to me that it is more secure to do it with specific users.
Thanks !
Aucun commentaire:
Enregistrer un commentaire