Tuesday, November 1, 2011

Component-managed authentication alias

When you deploy application in WebSphere which uses WebSphere application server JDBC resources, there are number of different ways for specifying security credentials. The simplest way is mention the user name/password programmatically when creating connection in clear text format. Needless to say this is a bad idea as we hard code these credentials in our application. One better way is create a component-managed authentication alias. This involves creating a mapping from an alias name to the userid and password. This alias name is then specified administratively on the connection factory or data source.

If your database is not secured, you do not need to set database authentication. This is not recommended for a production environment.

If your database is secured, you need to set database authentication. You can configure authentication through:

  • The application
  • The administrative console with Component-managed Authentication Alias. This is used when the application resource reference uses res-auth = Application.

If you do not set an alias through the component-managed authentication or otherwise, and your database requires the user ID and password to get a connection, then you will receive an exception during run time
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)