Originally posted by Balaji Loganathan:
It is a not good way to use the user entered credentials for connecting to database directly. Of course you will get an error message after a long time bcos the class to get a connection to db.
Originally posted by Paul Sturrock:
One way would be to validate the login credentials when you get them (I'm not 100% sure why you wouldn't do this anyway - if you don't do this, why get them at all?). All you need to do is try to directly create a Connection with these credentials and catch the SQLException if one is thrown. You could parse the Exception to make sure it is a permissions exception, but since any SQLException when you create a connection amounts to the same thing (i.e. you can't connect) I'm not sure this matters.
Why should I get an useless JDBC connection only to verify the credentials?
It's hibernate's and the connection pool's task.
The most database tools I know, come up with an error message in case of failing login data. Why can I not do so?
Because the connection pool will try to connect the database, I think it must be able to detect failing login data and to come up with an appropriate message (therefore we have the SQL return codes), instead of retrying to connect over and over again and at last to come up with an unspecified connection error.
Now considering the applciation you have described it sounds like a stand alone desktop application. If it is, why are you using a connection pool? You only need a maximum of one connections.