Tomcat 6 webapp with datasource deployment
What is the best way to deploy an app with datasource both in development and in production environments?
It is recommended to use META-INF/context.xml to specify Tomcat context bu开发者_开发知识库t I don't understand how should I specify datasource in context.xml:
it's unsafe to put database password in context.xml which can be viewed by all;
how do I maintain two different datasources for production and devel mode?
How do you solve this problem?
I don't understand how should I specify datasource in context.xml:
So:
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<Resource
type="javax.sql.DataSource"
name="jdbc/dbname"
driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://localhost:3306/dbname"
username="java"
password="d$7hF_r!9Y"
maxActive="100" maxIdle="30" maxWait="10000"
/>
</Context>
And in web.xml:
<resource-env-ref>
<resource-env-ref-name>jdbc/dbname<resource-env-ref-name>
<resource-env-ref-type>javax.sql.DataSource</resource-env-ref-type>
</resource-env-ref>
See also:
- Tomcat JNDI resources HOWTO
1: it's unsafe to put database password in context.xml which can be viewed by all;
It can't be viewed by web users. It's only viewable by serveradmins who needs to know about them anyway.
2: how do I maintain two different datasources for production and devel mode?
Define two separate <Resource> each with a different name and toggle the dev/prod mode by some param in web.xml or properties file so that you can dynamically grab the one or the other datasource. E.g.
<context-param>
<param-name>dev</param-name>
<param-value>true</param-value>
</context-param>
with
boolean dev = Boolean.valueOf(getServletContext().getInitParameter("dev"));
if (dev) {
dataSource = getDataSource("jdbc/devdb");
} else {
dataSource = getDataSource("jdbc/proddb");
}
Sorry, Looking for some code to copy and paste I found this Q&A. BalusC's is the right answer and should be marked as the answer but I don't quite agree with point 2
2: how do I maintain two different datasources for production and devel mode?
You don't need to define different context parameters or different datasources. Let's consider:
- The database - has the different databases/schemas and you need specific users and passwords for each database.
- The application server/web container - will have datasource to bind the databases.
- The application - refers to the datasource.
In this scenario, your application server (or whatever you are using) binds the database using the datasource and your application only knows about the datasource. So your local tomcat or whatever you are using binds via the datasource to your local dev database. When you build, pack and deploy in your application for dev, test, production or whatever environment your might have, your application server (or whatever you are using) will have the datasource defined pointing to the right database for that enviroment. You only need to keep the same JNDI name across all app servers.
Placing connection information in the context.xml document is safe to the point that it is not accessible from a client visiting your application, so this is where that information can sit safely. Another method of authentication would be useful for those of us who don't like seeing those passwords in plain text on the server.
Different data sources are an issue that is best solved by dependency injection in my opinion. Using a framework like Spring allows you to specify which resources you are using in configuration instead of code.
加载中,请稍侯......
精彩评论