I'm developing a Java application that will allow users to update information in an Oracle database via a Swing GUI. I know how to write the code that does all of this but I'd like to incorporate Spring into the application.
I've been reviewing the Spring and MyKong tutorials on using Spring to connect to an Oracle database and I've successfully got one tutorial example working. It uses an XML file ("Spring-Datasource.xml") to connect to its database. This file contains the driver information, the database URL and currently my own database username and password which I'm using to connect.
I'd like for users to be able to log into the application with their own Oracle database accounts (they're going to be updating/creating data in the database so it made sense to me to use their database credentials as login credentials for the application too). My question is this normally done? Because of the security protocols of my employer I can't create a functional database account with its username and password plainly visible in the XML datasource file that the application will use. How can I use Spring in such a way that users are prompted for their database credentials before they log in?
There's nothing exotic about Spring beans. They are like any other Java objects with setters and getters.
Notice that DriverManagerDataSource has inherited setUserName() and setPassword() from one of its ancestor classes.
If you weren't using Spring, wouldn't your flow be like this?
1. Launch application
2. Show login dialog and get username and password.
3. Set the username and password into DataSource object.
4. Proceed to display other windows which use that DataSource.
That's right, at the minute my application structure is as follows
Login GUI with Username and Password fields and a "Go" button
Data Access Layer object that uses plain old JDBC to connect to the Oracle database
The GUI has a variable of type Data Access Layer so when a user enters their details and clicks "Go" the application creates the Data Access Layer object which in turn connects to the database. If the connection is successful it opens another GUI and users can use that to update/enter data to their heart's content. If the connection is not successful then this information is displayed to the user.
I thought that the contents of a Spring Bean file were never supposed to change? Is that not how it works? Complete Spring newbie, I should add :-)
Simon Ritchie wrote:I thought that the contents of a Spring Bean file were never supposed to change
I suspect you have misunderstood the role of a Spring context XML file.
In a non-Spring application:
- you'd usually create a bunch of objects at application startup using "new <class>()" statements
- you'd initialize those objects with values or references to other objects using setter methods
This is exactly what Spring does when it reads a context XML file at startup. It's the same "new" statements and "setMethods" expressed in XML.
After those objects are created, the application context XML does not come into play.
When you set username and password on the DriverManagerDataSource object from login screen, they are set in that object's memory, not in the XML file.
Spring does not modify a context XML file.
When your application terminates, the username and password are lost from memory. On next launch, your user should reenter them.
Those values are system properties (passed in via java -Dprop=value command line arguments) or from a properties file loaded using PropertyPlaceholderConfigurer.
But they won't help your scenario because Spring loads the XML at startup which means these should be populated when application is starting up.
The only way to do what you want is to get the username and password from user, and use setUsername/setPassword on the DataSource bean.
You can get the reference to the DataSource bean using appContext.getBean("<bean-name>").