While using relational databases like MySQL, we can create a JNDI resource in GlassFish server(which I am using) and then use it as DataSource by looking up the context.
Is there an equivalent way for doing this for MongoDB in GlassFish?
If no then what is the best way to store the connection details like DB username and password for MongoDB without hard-coding them into the application or having some kind of properties files inside the web application from where we access the connections details?
I am using a Java Servlet as my web technology.
You can define an alias in glassfish for your password and access it by calling System.getProperty("mypassword")
Related
I have an application using JSF,EJB,JPA, Glassfish. There are multiple(may be around thousand or more) clients using my app, however each client has a separate database. All the databases have the same schema. I would like to determine which database connection to use at the time when a user logs into the system.
For example client A enters client code, username, and password and logs in, I determine that client A belongs to database A, grab the connection for database A and continue on my merry way.
I am using JPA as my persistence provider. Is it possible to set datasource in persistence.xml at runtime? Is there .java version of persistence.xml available? Is there a better/preferred way to do this? PersistenceUnit name will be same for all the connections.
Thanks
If you know all users in advance then you can create separate persistence unit for every user in persistence.xml and use factory for select Persistence Unit Name for users. Addition of users, require modification in persistence.xml and redeployment of Application.
I want to migrate the management and application users created in jboss using add-user.bat utility while upgrading the jboss version.
For that i was thinking if it is possible to store the users created in jboss in a database or may be something like serializing them while creating and update the jaas cache of the jboss server at the time of boot up.
Is there any way to export the user list from an existing jboss installation?
So can anyone please help me with either of the above?
Or may you please suggest me which should be the best approach?
Unfortunately, there is no direct way of exporting application/management users from the JBoss server. But all the application and management users created for jboss will present in application-users.properties and mgmt-users.properties files.
You can get usernames with the encrypted password in the following format
username=HEX( MD5( username ':' realm ':' password))
e.g.
admin=2a0923285184943425d1f53ddd58ec7a
All the roles and groups for the users will present in application-roles.properties
and mgmt-groups.properties files.
Location for above files :
standalone mode: JBOSS_HOME/standalone/configuration/
domain mode: JBOSS_HOME/domain/configuration/
I am developing a Jee7 project and would like to employ mongoDB as the backend database.
My jee7 application will run on Glassfish 4.
I wish to use the Glassfish 4 admin console to configure my mongoDB jdbc connection pool etc..
However Glassfish 4 doesn't list mongoDB in its list of supported Database Driver Vendor
Does this mean that you do not configure mongoDB in the same way as say DB2 or MySQL?
I could configure mongoDB using a EJB singleton, but that doesn't feel correct.
I don't think you can without writing your own resource adapter. First, mongodb is non-transactionable, so it's not like it needs to participate in any transaction related events. Second, their java driver manages the connection with their own internal connection pool.
Although it would be nice to configure the resource outside of the app, in reality you should just create a singleton bean and do everything from there.
Also take a look at producers.
I've been following a tutorial with express, node and mongo.
I have in a config file on the server side:
production:{
db:'mongodb://MYUSERNAME:MYPASSWORD#ds033307.mongolab.com:33307/dbname',
rootPath:rootPath,
port:process.env.PORT||80
}
so, i have my username and password in clear text in a server side javascript file. should i be worried about this? if yes, where else can I put it?
Thanks.
Edit: I went back and had a look at mongolab and heroku (where my site is hosted) docs.
Where I found: "The MongoLab add-on contributes one config variable to your Heroku environment: MONGOLAB_URI", and so I was able to put the MONGOLAB_URI env var into my config and move the password out of the source code.
With regards to the same datacenter, am I right to assume heroku would not be hosting my mongolab database in their datacenter, but would instead be calling out to a cloud service mongo database? Not much I can do then, is there, if I want to stick with mongolab and heroku?
I know this question is old but according to Heroku's docs they currently use 2 datacenters (https://devcenter.heroku.com/articles/regions#data-center-locations).
Their US server is 'amazon-web-services::us-east-1' and their EU alternative is 'amazon-web-services::eu-west-1'.
Both of these data centers are available when launching mongo instances on Mongolab so you can choose for both your app and your db to be on the same datacenter giving much improved security.
I think you should always be concerned about storing passwords in source code files. Generally you would be much better off keeping it in a configuration file that is managed separately. This gives you the flexibility to use the same code with a different configuration file to point to development or qa databases.
Of bigger concern perhaps - are you hosting your application in the same datacenter that MongoLab is hosting your database? If not, that user name and password, along with your data, will traverse the internet in the clear.
MongoLab does not currently support SSL (other than for their RestAPI) so even they recommend being in the same data center:
Do you support SSL?
Not yet but it is on our roadmap to be available in Summer 2014. In
the meantime, we highly recommend that you run your application and
database in the same datacenter. If you have a Dedicated plan, we also
highly recommend that you configure custom firewall rules for your
database(s).
Rest API:
Each MongoLab account comes with a REST API that can be used to access
the databases, collections and documents belonging to that account.
The API exposes most the operations you would find in the MongoDB
driver, but offers them as a RESTful interface over HTTPS.
I would definitely read MongoLab's security page fairly closely:
https://docs.mongodb.com/manual/security/
I want to use Java DB in embedded mode in a Java application running from a CD-ROM. Does anyone have any experience of doing this? Will it work? The database will only have selects issued against it.
This is possible: Deploying the database on the read-only media
Also I have noted select statements work when the database is owned by root with all write access withdrawn and is accessed by a non-privileged user.