Restrict access to connection pool in Weblogic?

Posted by Andrew White on Stack Overflow See other posts from Stack Overflow or by Andrew White
Published on 2010-02-22T16:28:18Z Indexed on 2010/03/27 5:03 UTC
Read the original article Hit count: 389

Filed under:
|
|
|

In short, how can I restrict access to connection pool X based on application name or JAR name? A simple use case might help...

A business web-app (call it WEB_APP_A) uses pool Y to do basic look-up SQL. Some users of this web-app have access to also update some sensitive data in the database. This code is provided by a JAR file (call it HR_JAR) that can be dropped in where needed. This JAR uses pool X for all of it's connections.

We don't want developers of WEB_APP_A using pool X. We only want HR_JAR using pool X. This is to keep devs of WEB_APP_A from accidentally or intentionally abusing the access pool X provides.

Some considerations:

  1. This is legacy code so HR_JAR is here to stay
  2. We are running on Weblogic 9.2
  3. We can not keep passwords in any from in the source code
  4. We have researched weblogic user level authn/authz for JDBC resources but then this begs the question; how do we secure the user creds we use to become a user per app/jar?

Ideas? Thoughts? I can elaborate more on what I have tried, but I wanted fresh ideas.

© Stack Overflow or respective owner

Related posts about weblogic

Related posts about jdbc