[jboss-user] [JCA/JBoss] - Re: Passing current user identity to the back-end database

[adrian@jboss.org]

I'm going to bounce you around. ;-)
The problem you have is really a Seam problem.
That's because you already solved the problem you were trying to solve.

JCA SIDE

The configuration you have looks correct to me,
provided you are running in a context where somebody has logged in.

You don't have a default user/password so the datasource will be unusable in
other contexts.

That means your JCA issue is resolved.

SEAM SIDE

You don't use the testDBRealm within Seam, you need to provide a real
mechanism to validate users and passwords.

The JCA policy is for the question "what user/password should I use to access the
database?". Your answer is "use the subject established on the thread".

The Seam policy is for the question "how do I know the user/password typed in
by the user is correct?". Your answer such be a real validation mechanism
NOT "use what is already established on thread" which is most likely nothing. :-)

This real policy will establish the subject on the thread.

WHY THIS IS REALLY A SEAM/HIBERNATE/EJB3 QUESTION

Your real problem is that there is some initialization
during deployment. This runs on the deployment thread.

There has been no login on that thread.

You don't have a default user/password for such contexts so it is going to fail.

If you don't want to specify a default then you need some hook or configuration
where you can say "during deployment I want you to login as this user/password".

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4063694#4063694

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4063694