Search Results

Search found 3919 results on 157 pages for 'role providers'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 17/157 | < Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >

  • How can I access a method of the consumer class inside a method created at runtime in a method of th

    - by xxxxxxx
    I define a method inside a parametrized role that needs to create a new class at run time using Moose::Meta::Class->create and apply that exact parametrized role to it. I am also making a new method for that role using $new_class->meta->add_method( some_name => sub { my ($self) = @_; ... }) inside the sub {...} I want to access a method of the consumer class and use it for something, I have tried using $self->get_method, it didn't work, how do I do this? Please notice that the $self inside the sub above is MooseX::Role::Parameterized::Meta::Role::Parameterizable I also have another question, if I do this: my $object = Moose::Meta::Class->create( "some_type", ); Why isn't $object of type some_type and it's some ugly MooseX::Role::Parameterized::Meta::Role::Parameterizable and how do I get to the object of type some_type?

    Read the article

  • declarative authorization and has_and_belongs_to_many

    - by Michael Balsiger
    Hi, I have a little problem with declarative-authorization. I have a User and Role Model with a has_and_belongs_to_many association. I've created a Role named :moderator in my authorization_rules.rb Is it possible that a User with the Role Moderator only gets the Users that have the Moderator Role assigned to it?? -- User.with_permissions_to(:index) I thought it would be possible like that: role :moderator do has_permission_on :users, :to => :index do if_attribute :roles => contains { ????? } end end I also created a named_scope in my User Model because I thought it would help... class User has_and_belongs_to_many :roles named_scope :by_role, lambda { |role| { :include => :roles, :conditions => {"roles.name" => role} } } end Does anyone knows if it's possible to do this with declarative_authorization? Thanks for your help!

    Read the article

  • Rails way for querying join table in has_and_belongs_to_many

    - by Michelle
    I have a user model and a role model with a has_and_belongs_to_many reliationship. The join table is roles_users (two columns - the PK of the user and the role) and has no corresponding model. I want to have a method that returns all users with a given role. In SQL that'd be something like SELECT u.id FROM role.r, roles_users ru WHERE r.role_id = #{role.id} AND r.role_id = ru.role_id I see that Rails' activerecord has a find_by_sql method, but it's only expecting one results to be returned. What is the "Rails Way" to give me a list of users with a given role e.g. def self.find_users_with_role(role) users = [] users << # Some ActiveRecord magic or custom code here..? end

    Read the article

  • Using entity framework to detect changes in related table and action appropriate inserts and deletes

    - by Kohan
    Lets say i have a Person table, a Role table with a trel table PersonRoles linking them as many to many. I create a new person and assign them to 2 roles (role 1, role 3). I then want to edit this person; so i retrieve their data and bind their roles to a checkboxes. I change the values (Deselect role 1 and select role 2 instead) I then post this data back through a viewmodel. Can i then get Entity Framework to update these roles for me, as in delete the entry in PersonRoles to role 1 and then add a new entry as role 2? Or do i have to do the logic for this myself? Cheers, Kohan

    Read the article

  • Jquery mobile email form with php script

    - by Pablo Marino
    i'm working in a mobile website and i'm having problems with my email form The problem is that when I receive the mail sent through the form, it contains no data. All the data entered by the user is missing. Here is the form code <form action="correo.php" method="post" data-ajax="false"> <div> <p><strong>You can contact us by filling the following form</strong></p> </div> <div data-role="fieldcontain"> <fieldset data-role="controlgroup" data-mini="true"> <label for="first_name">First Name</label> <input id="first_name" placeholder="" type="text" /> </fieldset> </div> <div data-role="fieldcontain"> <fieldset data-role="controlgroup" data-mini="true"> <label for="last_name">Last name</label> <input id="last_name" placeholder="" type="text" /> </fieldset> </div> <div data-role="fieldcontain"> <fieldset data-role="controlgroup" data-mini="true"> <label for="email">Email</label> <input id="email" placeholder="" type="email" /> </fieldset> </div> <div data-role="fieldcontain"> <fieldset data-role="controlgroup" data-mini="true"> <label for="telephone">Phone</label> <input id="telephone" placeholder="" type="tel" /> </fieldset> </div> <div data-role="fieldcontain"> <fieldset data-role="controlgroup" data-mini="true"> <label for="age">Age</label> <input id="age" placeholder="" type="number" /> </fieldset> </div> <div data-role="fieldcontain"> <fieldset data-role="controlgroup" data-mini="true"> <label for="country">Country</label> <input id="country" placeholder="" type="text" /> </fieldset> </div> <div data-role="fieldcontain"> <fieldset data-role="controlgroup"> <label for="message">Your message</label> <textarea id="message" placeholder="" data-mini="true"></textarea> </fieldset> </div> <input data-inline="true" data-theme="e" value="Submit" data-mini="true" type="submit" /> </form> Here is the PHP code <? /* aqui se incializan variables de PHP */ if (phpversion() >= "4.2.0") { if ( ini_get('register_globals') != 1 ) { $supers = array('_REQUEST', '_ENV', '_SERVER', '_POST', '_GET', '_COOKIE', '_SESSION', '_FILES', '_GLOBALS' ); foreach( $supers as $__s) { if ( (isset($$__s) == true) && (is_array( $$__s ) == true) ) extract( $$__s, EXTR_OVERWRITE ); } unset($supers); } } else { if ( ini_get('register_globals') != 1 ) { $supers = array('HTTP_POST_VARS', 'HTTP_GET_VARS', 'HTTP_COOKIE_VARS', 'GLOBALS', 'HTTP_SESSION_VARS', 'HTTP_SERVER_VARS', 'HTTP_ENV_VARS' ); foreach( $supers as $__s) { if ( (isset($$__s) == true) && (is_array( $$__s ) == true) ) extract( $$__s, EXTR_OVERWRITE ); } unset($supers); } } /* DE AQUI EN ADELANTE PUEDES EDITAR EL ARCHIVO */ /* reclama si no se ha rellenado el campo email en el formulario */ /* aquí se especifica la pagina de respuesta en caso de envío exitoso */ $respuesta="index.html#respuesta"; // la respuesta puede ser otro archivo, en incluso estar en otro servidor /* AQUÍ ESPECIFICAS EL CORREO AL CUAL QUEIRES QUE SE ENVÍEN LOS DATOS DEL FORMULARIO, SI QUIERES ENVIAR LOS DATOS A MÁS DE UN CORREO, LOS PUEDES SEPARAR POR COMAS */ $para ="[email protected];" /* this is not my real email, of course */ /* AQUI ESPECIFICAS EL SUJETO (Asunto) DEL EMAIL */ $sujeto = "Mail de la página - Movil"; /* aquí se construye el encabezado del correo, en futuras versiones del script explicaré mejor esta parte */ $encabezado = "From: $first_name $last_name <$email>"; $encabezado .= "\nReply-To: $email"; $encabezado .= "\nX-Mailer: PHP/" . phpversion(); /* con esto se captura la IP del que envío el mensaje */ $ip=$REMOTE_ADDR; /* las siguientes líneas arman el mensaje */ $mensaje .= "NOMBRE: $first_name\n"; $mensaje .= "APELLIDO: $last_name\n"; $mensaje .= "EMAIL: $email\n"; $mensaje .= "TELEFONO: $telephone\n"; $mensaje .= "EDAD: $age\n"; $mensaje .= "PAIS: $country\n"; $mensaje .= "MENSAJE: $message\n"; /* aqui se intenta enviar el correo, si no se tiene éxito se da un mensaje de error */ if(!mail($para, $sujeto, $mensaje, $encabezado)) { echo "<h1>No se pudo enviar el Mensaje</h1>"; exit(); } else { /* aqui redireccionamos a la pagina de respuesta */ echo "<meta HTTP-EQUIV='refresh' content='1;url=$respuesta'>"; } ?> Any help please? Thanks in advance Pablo

    Read the article

  • Form is creating already loaded attributes in addition to new attributes, how do I ignore the first?

    - by looloobs
    In my application you: Have an admin user that signs on and that user has a role (separate model), then I use the declarative_authorization plugin to give access to certain areas. That admin user can also register new users in the system, when they do this (using Authlogic) they fill out a nested form that includes that new users' role. So what is happening is the role of the admin user is being loaded by the declarative_authorization and then the nested form using the has_many_nested_attributes is loading that existing role as well as the new role for the new user (users can have many roles). Is there some way I can tell the new User being created to ignore the role assigned to the current_user and only create the role in the form for the new user? I have looked through a lot of different things, but it seems to get more complicated that these are nested attributes. Thanks in advance.

    Read the article

  • How to use different providers for Linq to entities?

    - by Anders Svensson
    I'm trying to familiarize myself a bit more with database programming, and I'm looking at different ways of creating a data access layer for applications. I've tried out a few ways but there is such a jungle of different database technologies that I don't know what to learn. For instance I've tried using datasets with tableadapters. Using that I am able to switch data provider rather easily (by programming against the interfaces such as IDbConnection). This is one thing I would want to achieve. But I also know everyone's talking about LINQ, and I'm trying to get to know that a bit better too. So I have tried using Linq to Sql classes as the data access layer as well, but apparently this is not provider independent (works only for SQL Server). So then I read about the Entity Framework (which just as Linq to SQL apparently has gotten its share of bashing already...). It's supposed to be provider independent everybody says, but how? I tried out a tutorial to create an entity data model, but the only providers to choose from were SQL Server/Express. Just for learning purposes, I would like to know how to use the entity framework with MS Access/OleDb. Also, I would appreciate some input on what is the preferred database technology for data access. Is it LINQ still after all the bashing, or should you just use datasets because they are provider independent? Any pointers for what to learn would be great, because it's just too much to learn it all if I'm not going to use it in the end...!

    Read the article

  • What are good Usenet account providers, both free and paid?

    - by alok
    I used to access newsgroups via the Berlin university's facilities - they provided free acccounts, but that stopped a few years ago. Since then I have been using Google groups to access newsgroups but it's not the same thing as accessing Usenet via a newsreader like Pan. If any of you still access newsgroups via news readers, where is your account? Please mention if it's free or paid, if paid, how much do you pay, as well as how satisfied you are with the service. Edit: While binaries may be a reason to have a Usenet account, that's not the motivation for me. It is the ability to use the newsreader client features that Google groups doesn't provide.

    Read the article

  • What email providers have extremely high reliability and robust SLAs?

    - by Benjamin Manns
    My dad is a professor who does part-time law practice. He had been using his university email address for professional correspondence, when he found out that the university had permanently lost 16 business-related emails in their spam filter (with no apology, notification, or compensation). What I am looking for now is an email provider (preferably with Exchange, but not required) with very high reliability and a SLA that is basically an insurance policy. I have looked at Google Apps's SLA, but this will not suit. I am looking for a provider who will take $X per month in registration fees, and will: Alert me when there is any downtime. Promptly fix the issue Pay me a fee ($Y) whenever there is downtime. I want a significant, contractual reason for them to be diligent in their service. Free service for me is not enough.

    Read the article

  • Software to monitor bill payment to mission critical IT service providers (ISP, DNS etc.)

    - by Sholom
    Hi All, The Problem: Our very likable but absent minded bookkeeper keeps neglecting to pay our IT vendors on time. Just this past week our internet service was disconnected. Same could happen to many other mission critical accounts (domain registrar, backup MX, anti-virus license, HackerSafe (McAfee secure) service and even an 800 number to name a few). As the sysadmin, i monitor my severs to make sure they are plugged into the power-outlet. I believe i should also monitor my services to make sure they are plugged in to their money-outlet. To compound the problem, when the power goes out someone else will likely notice and notify me. But if a bill is not payed, no one will ever notice until service is lost. Lost as in losing our domain name which would cause a lot more damage then the power failing on our server. [Solution] = [Doesn't work because]: Retrain the bookkeeper = Wishful thinking. Notify my manager = Already have (via email). Protects me, does not solve problem. Fire bookkeeper = What makes you so sure the next one will never forget? Bottom line: Humans are humans and sooner or later something critical will be royally messed up. We need to partner with a machine to help us out here. Anybody have the same problem? What software/solution do you use? I would like software that emails me when a bill is passed due just like i get an email when the power outlet fails. Anyone hear of anything like that? Thanks

    Read the article

  • Migrating Identity Providers - specifying a new users password hash.

    - by Stephen Denne
    We'd like to switch Identity Provider (and Web Access Manager), and also the user directory we use, but would like to do so without users needing to change their password. We currently have the SSHA of the passwords. I'm expecting to write code to perform the migration. I don't mind how complex the code has to be, rather my concern is whether such a migration is possible at all. MS Active Directory would be our preferred user store, but I believe that it can not have new users set up in it with a particular password hash. Is that correct? What user directory stores can be populated with users already set up with a SSHA password? What Identity Provider and Access Management products work with those stores?

    Read the article

  • Data center Rack space providers with Dedicated/Unmetered 10Gbps+ packages?

    - by Bob Marley
    The only provider I know is FDC and I was hoping you guys could help me compile a list for comparison? The only requirements are that they 1) have 42U rack space and 2) have dedicated/unmetered 10Gbps+ packages. I don't care where they're located or anything else as long as those two conditions are met. If you feel like sharing your opinions and/or experience with anyone too that'd be great, although it's not required. Thanks guys.

    Read the article

  • Do email providers have to tell me which (inter)national agencies/institutes are requesting legal access to my account data?

    - by Juve
    I know this question is not technical, but i did not find the "stackoverflow for legal issues" and I guess all you super users out there might know the answer. Here is my (potential) problem: I have a free email account at a (inter)national email provider. I used the words "wikileaks" and "twitter" lately in my email. Some over-ambitious national security organization legally requests access to all accounts that behaved similarly. Q1: Can I request the who-, when-, and why-information related to this legal request from my provider? Does he have to tell me which (inter)national organizations (legally) requested my account data? Q2: Does the situation change if I live in Germany (and have a German provider)? I guess here are some German users. And I know that such a legal policy exists for our national credit rating agency. I can request who got access to my data, they have to tell me. Please answer only if you know a good answer, I don't want to start a long discussion on this none-technical question. Best regards, Juve

    Read the article

  • Eager/Lazy loaded member always empty with JPA one-to-many relationship

    - by Kaleb Pederson
    I have two entities, a User and Role with a one-to-many relationship from user to role. Here's what the tables look like: mysql> select * from User; +----+-------+----------+ | id | name | password | +----+-------+----------+ | 1 | admin | admin | +----+-------+----------+ 1 row in set (0.00 sec) mysql> select * from Role; +----+----------------------+---------------+----------------+ | id | description | name | summary | +----+----------------------+---------------+----------------+ | 1 | administrator's role | administrator | Administration | | 2 | editor's role | editor | Editing | +----+----------------------+---------------+----------------+ 2 rows in set (0.00 sec) And here's the join table that was created: mysql> select * from User_Role; +---------+----------+ | User_id | roles_id | +---------+----------+ | 1 | 1 | | 1 | 2 | +---------+----------+ 2 rows in set (0.00 sec) And here's the subset of orm.xml that defines the tables and relationships: <entity class="User" name="User"> <table name="User" /> <attributes> <id name="id"> <generated-value strategy="AUTO" /> </id> <basic name="name"> <column name="name" length="100" unique="true" nullable="false"/> </basic> <basic name="password"> <column length="255" nullable="false" /> </basic> <one-to-many name="roles" fetch="EAGER" target-entity="Role" /> </attributes> </entity> <entity class="Role" name="Role"> <table name="Role" /> <attributes> <id name="id"> <generated-value strategy="AUTO"/> </id> <basic name="name"> <column name="name" length="40" unique="true" nullable="false"/> </basic> <basic name="summary"> <column name="summary" length="100" nullable="false"/> </basic> <basic name="description"> <column name="description" length="255"/> </basic> </attributes> </entity> Yet, despite that, when I retrieve the admin user, I get back an empty collection. I'm using Hibernate as my JPA provider and it shows the following debug SQL: select user0_.id as id8_, user0_.name as name8_, user0_.password as password8_ from User user0_ where user0_.name=? limit ? When the one-to-many mapping is lazy loaded, that's the only query that's made. This correctly retrieves the one admin user. I changed the relationship to use eager loading and then the following query is made in addition to the above: select roles0_.User_id as User1_1_, roles0_.roles_id as roles2_1_, role1_.id as id9_0_, role1_.description as descript2_9_0_, role1_.name as name9_0_, role1_.summary as summary9_0_ from User_Role roles0_ left outer join Role role1_ on roles0_.roles_id=role1_.id where roles0_.User_id=? Which results in the following results: +----------+-----------+--------+----------------------+---------------+----------------+ | User1_1_ | roles2_1_ | id9_0_ | descript2_9_0_ | name9_0_ | summary9_0_ | +----------+-----------+--------+----------------------+---------------+----------------+ | 1 | 1 | 1 | administrator's role | administrator | Administration | | 1 | 2 | 2 | editor's role | editor | Editing | +----------+-----------+--------+----------------------+---------------+----------------+ 2 rows in set (0.00 sec) Hibernate obviously knows about the roles, yet getRoles() still returns an empty collection. Hibernate also recognized the relationship sufficiently to put the data in the first place. What problems can cause these symptoms?

    Read the article

  • How can I provide an ASP.NET Forms Authentication UX while using Active Directory Role and Authentic

    - by Nate Bross
    Is it possible to use this Role Provider AspNetWindowsTokenRoleProvider with ASP.NET FORMS Authentication (via this MembershipProvider System.Web.Security.ActiveDirectoryMembershipProvider)? It seems to only work with <authentication mode="Windows">, is it possible to use it with FORMS? background -- The objective here is to provide an ASP.NET Forms UX while using Active Directory as the back-end authentication system. If there is another, easy way to do this using built-in technologies, that's great and I'd like to hear about that as well.

    Read the article

  • How does XmlSiteMapProvider check user to be in specific role?

    - by abatishchev
    I roll my own SiteMapProvider inheriting System.Web.XmlSiteMapProvider. I want to override logic of checking user to be in a role specified in siteMapNode's property roles: <siteMapNode url="Add.aspx?type=user" title="Add user" roles="admin" /> How can I do that? Which class's member does XmlSiteMapProvider call to check that if securityTrimmingEnabled="true"?

    Read the article

  • How does XmlSiteMapProvider check user to be in specified role?

    - by abatishchev
    I roll my own SiteMapProvider inheriting System.Web.XmlSiteMapProvider. I want to override logic of checking user to be in a role specified in siteMapNode's property roles: <siteMapNode url="Add.aspx?type=user" title="Add user" roles="admin" /> How can I do that? Which class's member does XmlSiteMapProvider call to check that if securityTrimmingEnabled="true"?

    Read the article

  • what is the basic role of Ienumerable object in .net?

    - by Shailesh Jaiswal
    I dont know anything about Ienumerable object.what is the role of Ienumarble interface in .net ? Please tell me whether it is in built? Is every class in .net automatically implements the Ienumarable interface ? why there is need to implement the ienumerable interface? what are the methods it contains & what roles they plays. Please explain in detail.

    Read the article

  • Any easy way to delete a user (having many to many relation with role) in acegi, grails?

    - by john
    Hi, In default acegi setting, person and authority have many to many relations. Thus, in addtion to people and authorities, there is a table authotiries-people. To delete a person (a user) I have to delete the related record in authotiries-people first....then come back to delete the record... the problem is: other people are still using this authority (ROLE) could some one enlighten me how to delete the user without deleting the authority? thanks.

    Read the article

  • Using Oracle Proxy Authentication with JPA (eclipselink-Style)

    - by olaf.heimburger
    Security is a very intriguing topic. You will find it everywhere and you need to implement it everywhere. Yes, you need. Unfortunately, one can easily forget it while implementing the last mile. The Last Mile In a multi-tier application it is a common practice to use connection pools between the business layer and the database layer. Connection pools are quite useful to speed database connection creation and to split the load. Another very common practice is to use a specific, often called technical, user to connect to the database. This user has authentication and authorization rules that apply to all application users. Imagine you've put every effort to define roles for different types of users that use your application. These roles are necessary to differentiate between normal users, premium users, and administrators (I bet you will find or already have more roles in your application). While these user roles are pretty well used within your application, once the flow of execution enters the database everything is gone. Each and every user just has one role and is the same database user. Issues? What Issues? As long as things go well, this is not a real issue. However, things do not go well all the time. Once your application becomes famous performance decreases in certain situations or, more importantly, current and upcoming regulations and laws require that your application must be able to apply different security measures on a per user role basis at every stage of your application. If you only have a bunch of users with the same name and role you are not able to find the application usage profile that causes the performance issue, or which user has accessed data that he/she is not allowed to. Another thread to your role concept is that databases tend to be used by different applications and tools. These tools can be developer tools like SQL*Plus, SQL Developer, etc. or end user applications like BI Publisher, Oracle Forms and so on. These tools have no idea of your applications role concept and access the database the way they think is appropriate. A big oversight for your perfect role model and a big nightmare for your Chief Security Officer. Speaking of the CSO, brings up another issue: Password management. Once your technical user account is compromised, every user is able to do things that he/she is not expected to do from the design of your application. Counter Measures In the Oracle world a common counter measure is to use Virtual Private Database (VPD). This restricts the values a database user can see to the allowed minimum. However, it doesn't help in regard of a connection pool user, because this one is still not the real user. Oracle Proxy Authentication Another feature of the Oracle database is Proxy Authentication. First introduced with version 9i it is a quite useful feature for nearly every situation. The main idea behind Proxy Authentication is, to create a crippled database user who has only connect rights. Even if this user is compromised the risks are well understood and fairly limited. This user can be used in every situation in which you need to connect to the database, no matter which tool or application (see above) you use.The proxy user is perfect for multi-tier connection pools. CREATE USER app_user IDENTIFIED BY abcd1234; GRANT CREATE SESSION TO app_user; But what if you need to access real data? Well, this is the primary use case, isn't it? Now is the time to bring the application's role concept into play. You define database roles that define the grants for your identified user groups. Once you have these groups you grant access through the proxy user with the application role to the specific user. CREATE ROLE app_role_a; GRANT app_role_a TO scott; ALTER USER scott GRANT CONNECT THROUGH app_user WITH ROLE app_role_a; Now, hr has permission to connect to the database through the proxy user. Through the role you can restrict the hr's rights the are needed for the application only. If hr connects to the database directly all assigned role and permissions apply. Testing the Setup To test the setup you can use SQL*Plus and connect to your database: $ sqlplus app_user[hr]/abcd1234 Java Persistence API The Java Persistence API (JPA) is a fairly easy means to build applications that retrieve data from the database and put it into Java objects. You use plain old Java objects (POJOs) and mixin some Java annotations that define how the attributes of the object are used for storing data from the database into the Java object. Here is a sample for objects from the HR sample schema EMPLOYEES table. When using Java annotations you only specify what can not be deduced from the code. If your Java class name is Employee but the table name is EMPLOYEES, you need to specify the table name, otherwise it will fail. package demo.proxy.ejb; import java.io.Serializable; import java.sql.Timestamp; import java.util.List; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Id; import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.OneToMany; import javax.persistence.Table; @Entity @NamedQueries({ @NamedQuery(name = "Employee.findAll", query = "select o from Employee o") }) @Table(name = "EMPLOYEES") public class Employee implements Serializable { @Column(name="COMMISSION_PCT") private Double commissionPct; @Column(name="DEPARTMENT_ID") private Long departmentId; @Column(nullable = false, unique = true, length = 25) private String email; @Id @Column(name="EMPLOYEE_ID", nullable = false) private Long employeeId; @Column(name="FIRST_NAME", length = 20) private String firstName; @Column(name="HIRE_DATE", nullable = false) private Timestamp hireDate; @Column(name="JOB_ID", nullable = false, length = 10) private String jobId; @Column(name="LAST_NAME", nullable = false, length = 25) private String lastName; @Column(name="PHONE_NUMBER", length = 20) private String phoneNumber; private Double salary; @ManyToOne @JoinColumn(name = "MANAGER_ID") private Employee employee; @OneToMany(mappedBy = "employee") private List employeeList; public Employee() { } public Employee(Double commissionPct, Long departmentId, String email, Long employeeId, String firstName, Timestamp hireDate, String jobId, String lastName, Employee employee, String phoneNumber, Double salary) { this.commissionPct = commissionPct; this.departmentId = departmentId; this.email = email; this.employeeId = employeeId; this.firstName = firstName; this.hireDate = hireDate; this.jobId = jobId; this.lastName = lastName; this.employee = employee; this.phoneNumber = phoneNumber; this.salary = salary; } public Double getCommissionPct() { return commissionPct; } public void setCommissionPct(Double commissionPct) { this.commissionPct = commissionPct; } public Long getDepartmentId() { return departmentId; } public void setDepartmentId(Long departmentId) { this.departmentId = departmentId; } public String getEmail() { return email; } public void setEmail(String email) { this.email = email; } public Long getEmployeeId() { return employeeId; } public void setEmployeeId(Long employeeId) { this.employeeId = employeeId; } public String getFirstName() { return firstName; } public void setFirstName(String firstName) { this.firstName = firstName; } public Timestamp getHireDate() { return hireDate; } public void setHireDate(Timestamp hireDate) { this.hireDate = hireDate; } public String getJobId() { return jobId; } public void setJobId(String jobId) { this.jobId = jobId; } public String getLastName() { return lastName; } public void setLastName(String lastName) { this.lastName = lastName; } public String getPhoneNumber() { return phoneNumber; } public void setPhoneNumber(String phoneNumber) { this.phoneNumber = phoneNumber; } public Double getSalary() { return salary; } public void setSalary(Double salary) { this.salary = salary; } public Employee getEmployee() { return employee; } public void setEmployee(Employee employee) { this.employee = employee; } public List getEmployeeList() { return employeeList; } public void setEmployeeList(List employeeList) { this.employeeList = employeeList; } public Employee addEmployee(Employee employee) { getEmployeeList().add(employee); employee.setEmployee(this); return employee; } public Employee removeEmployee(Employee employee) { getEmployeeList().remove(employee); employee.setEmployee(null); return employee; } } JPA could be used in standalone applications and Java EE containers. In both worlds you normally create a Facade to retrieve or store the values of the Entities to or from the database. The Facade does this via an EntityManager which will be injected by the Java EE container. Here is sample Facade Session Bean for a Java EE container. package demo.proxy.ejb; import java.util.HashMap; import java.util.List; import javax.ejb.Local; import javax.ejb.Remote; import javax.ejb.Stateless; import javax.persistence.EntityManager; import javax.persistence.PersistenceContext; import javax.persistence.Query; import javax.interceptor.AroundInvoke; import javax.interceptor.InvocationContext; import oracle.jdbc.driver.OracleConnection; import org.eclipse.persistence.config.EntityManagerProperties; import org.eclipse.persistence.internal.jpa.EntityManagerImpl; @Stateless(name = "DataFacade", mappedName = "ProxyUser-TestEJB-DataFacade") @Remote @Local public class DataFacadeBean implements DataFacade, DataFacadeLocal { @PersistenceContext(unitName = "TestEJB") private EntityManager em; private String username; public Object queryByRange(String jpqlStmt, int firstResult, int maxResults) { // setSessionUser(); Query query = em.createQuery(jpqlStmt); if (firstResult 0) { query = query.setFirstResult(firstResult); } if (maxResults 0) { query = query.setMaxResults(maxResults); } return query.getResultList(); } public Employee persistEmployee(Employee employee) { // setSessionUser(); em.persist(employee); return employee; } public Employee mergeEmployee(Employee employee) { // setSessionUser(); return em.merge(employee); } public void removeEmployee(Employee employee) { // setSessionUser(); employee = em.find(Employee.class, employee.getEmployeeId()); em.remove(employee); } /** select o from Employee o */ public List getEmployeeFindAll() { Query q = em.createNamedQuery("Employee.findAll"); return q.getResultList(); } Putting Both Together To use Proxy Authentication with JPA and within a Java EE container you have to take care of the additional requirements: Use an OCI JDBC driver Provide the user name that connects through the proxy user Use an OCI JDBC driver To use the OCI JDBC driver you need to set up your JDBC data source file to use the correct JDBC URL. hr jdbc:oracle:oci8:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SID=XE))) oracle.jdbc.OracleDriver user app_user 62C32F70E98297522AD97E15439FAC0E SQL SELECT 1 FROM DUAL jdbc/hrDS Application Additionally you need to make sure that the version of the shared libraries of the OCI driver match the version of the JDBC driver in your Java EE container or Java application and are within your PATH (on Windows) or LD_LIBRARY_PATH (on most Unix-based systems). Installing the Oracle Database Instance Client software works perfectly. Provide the user name that connects through the proxy user This part needs some modification of your application software and session facade. Session Facade Changes In the Session Facade we must ensure that every call that goes through the EntityManager must be prepared correctly and uniquely assigned to this session. The second is really important, as the EntityManager works with a connection pool and can not guarantee that we set the proxy user on the connection that will be used for the database activities. To avoid changing every method call of the Session Facade we provide a method to set the username of the user that connects through the proxy user. This method needs to be called by the Facade client bfore doing anything else. public void setUsername(String name) { username = name; } Next we provide a means to instruct the TopLink EntityManager Delegate to use Oracle Proxy Authentication. (I love small helper methods to hide the nitty-gritty details and avoid repeating myself.) private void setSessionUser() { setSessionUser(username); } private void setSessionUser(String user) { if (user != null && !user.isEmpty()) { EntityManagerImpl emDelegate = ((EntityManagerImpl)em.getDelegate()); emDelegate.setProperty(EntityManagerProperties.ORACLE_PROXY_TYPE, OracleConnection.PROXYTYPE_USER_NAME); emDelegate.setProperty(OracleConnection.PROXY_USER_NAME, user); emDelegate.setProperty(EntityManagerProperties.EXCLUSIVE_CONNECTION_MODE, "Always"); } } The final step is use the EJB 3.0 AroundInvoke interceptor. This interceptor will be called around every method invocation. We therefore check whether the Facade methods will be called or not. If so, we set the user for proxy authentication and the normal method flow continues. @AroundInvoke public Object proxyInterceptor(InvocationContext invocationCtx) throws Exception { if (invocationCtx.getTarget() instanceof DataFacadeBean) { setSessionUser(); } return invocationCtx.proceed(); } Benefits Using Oracle Proxy Authentification has a number of additional benefits appart from implementing the role model of your application: Fine grained access control for temporary users of the account, without compromising the original password. Enabling database auditing and logging. Better identification of performance bottlenecks. References Effective Oracle Database 10g Security by Design, David Knox TopLink Developer's Guide, Chapter 98

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >