3

I read this comment: "don't use JDBCRealm at all: it does not scale at all since there is a single JDBC Connection object used for all database communication. You are better off using DataSourceRealm"

What does it mean in a greater detail?

The Bitman
  • 1,279
  • 1
  • 11
  • 25

1 Answers1

3

Incase you don't know about why and what realms are- for JAVA web applications, authentication and authorization can be handled either by the application or by the container(Tomcat etc.). If one chooses to use the container, you need to specify a user-store(a place where usernames,hopefully encrypted passwords, roles etc are stored). This could even be your tomcat-users xml incase of Tomcat. Or you could use a database(MYSQL etc.) or a directory(Active Directory etc.) . Tomcat connects to the database using JDBC(your JDBC realm) and to the directory using JNDI(your DataSourceRealm).

Coming to your question JDBC connections are expensive, have pooling limitations, and suffer from high synchronization which means in a high load application, authentication may fail for some requests due to unavailability JDBC. JNDI has better pooling being read optimized, and as such gives better performance.

Umar Ashraf
  • 192
  • 3
  • Thanks for your reply! I tried to create a non JDBC resource in Glassfish, but what should I write into the JNDI name (as JDBC starts with jdbc what is here) and what is the factory class? :O – The Bitman Mar 01 '16 at 21:38
  • Or the one you recommended not a db based at all? (file based) I need the db storage because of the ability of the dynamic registration. – The Bitman Mar 01 '16 at 22:01
  • File-based is certainly not the best way. Like I said there is something called as a directory a.k.a user store (like Microsoft Active Directory) which is used for storing user data. Directories are read optimized, meaning read operations are much faster than write operations. Depending on how big the audience of your application is, you can decide whats best for your application. Most organizations with over a thousand people use a directory for user data. You can also use DB if there is not a huge performance concern based on the number of users you expect. – Umar Ashraf Mar 02 '16 at 05:05
  • As for Glassfish, you will have to check the documentation of the server. I am assuming there is not a universal standard for configurations. So Tomcat would be different than Jetty, and Jetty would be different tthan Glassfish and so on. For Apache Tomcat, you can try this https://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#DataSourceRealm – Umar Ashraf Mar 02 '16 at 05:08
  • 1
    Also, you don't strictly need a directory for DataSourceRealm, you may use JDBC database also in DataSourceRealm. DataSourceRealm is just a JNDI wrapper. All you need to do is configure the JDBC database as per the spec for DataSourceRealm. – Umar Ashraf Mar 02 '16 at 05:12
  • I have to register the users in db so i don't want to handle a dir as well parallel. Could you link an example for this wrapping, please?My users regs themselves through http. Not by HR. – The Bitman Mar 02 '16 at 07:04
  • 1
    It appears that GlassFish doesn't wrap JDBC in DataSourceRealm, see https://docs.oracle.com/cd/E18930_01/html/821-2418/beabo.html . But Tomcat does and here is a detailed guide to do so - https://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#DataSourceRealm – Umar Ashraf Mar 02 '16 at 07:22
  • Thank you very much. Then i will install tomcat and use within netbeant. Thanks a lot again. – The Bitman Mar 02 '16 at 07:24