How can I ensure that database security is applied to the current user when I use a connection pool since the connections are created with a default user ID and password?
Location: http://www.jguru.com/faq/view.jsp?EID=61453 Created: May 31, 2000 Modified: 2000-05-31 21:04:17.293 Author: Joe Sam Shirah (http://www.jguru.com/guru/viewbio.jsp?EID=42100) Question originally posed by Daniel Weimer (http://www.jguru.com/guru/viewbio.jsp?EID=25540 In general, you can’t. Nearly all optimizations involve trade-offs and a large part of the developer’s job is to select those that make the most sense under a given set of circumstamces. This is really a security question, which can easily evolve into a can of worms. I’ll start with a quote from JDBC Performance Tips that connection pooling “may also be best suited to apps in which there is a certain class of users that can share connections… This would not be well-suited to apps in which each user had to have their own individual authority verified and used for the connection, since this would conflict with the concept of saving away connections for use by any number of users.” While you may find some database en
Related Questions
- How can I ensure that database security is applied to the current user when I use a connection pool since the connections are created with a default user ID and password?
- Does Minisoft ODBC add any user security -- that is, application level, database level, table level, or column level security?
- Connections per user or Connection Pool – Which is recommended?
