I'm trying to make a java application that uses a database. I've downloaded db2 and created a user 'student'. I have the following lines in my program:
con = DriverManager.getConnection(url, "student", "xxxxxx");
and
ResultSet rs= stmt.executeQuery("SELECT sifra, naziv " +
" FROM predmet " +
" WHERE bodovi > 20" );
And the second one throws a SqlSyntaxErrorException with the following message: DB2 SQL Error: SQLCODE=-551, SQLSTATE=42501.
So I looked it up and it seems that the user doesn't have the required level of privilege. So when I tried to run the query in db2 command line, I got:
The statement failed because the authorization ID does not have the required authorization or privilege to perform the operation. Authorization ID: "STUDENT". Operation: "SELECT".
So since obviously I barely know what I'm doing, I don't know how to grant 'student' the necessary privileges. That is, I don't know what user could give him the privileges since I never created another user. I've seen 'db2admin' mentioned (I'm using windows), but I don't know what to do with that piece of information. I don't know how to check the existing users or which password to use for db2admin (if that's even possible).
If you wish for this user to have access you need to determine at what level: Server, Instance, Database, Table, etc. Here is an article about DB2 Granting and various levels.
To make it easy, let assume this user will have full database privileges and we'll use GRANT DATABASE
GRANT ACCESSCTRL, BINDADD, CONNECT, CREATETAB, CREATE_EXTERNAL_ROUTINE,
CREATE_NOT_FENCED_ROUTINE, DATAACCESS, DATAACCESS, EXPLAIN,
IMPLICIT_SCHEMA, LOAD, QUIESCE_CONNECT, SECADM, SQLADM, WLMADM ON
DATABASE DB_STUDENT TO student;
Related
I am doing Mongo DB Java side development and want to connect to Mongo DB instance. I read the authentication part from this link http://mongodb.github.io/mongo-java-driver/3.0/driver/reference/connecting/authenticating/. And it has below method to be used for authentication.
MongoCredential credential = MongoCredential.createCredential(user,
database,
password);
The above code works fine but I need to know the database name first. How to connect to Mongo DB without specifying database? I want to connect to it and return the list of databases for users to select.
As mentioned here, authentication in MongoDB is always does against a source - which can be external - but it is usually a database name.
Whenever you create a user, it is saved in a special collection called system.users in the admin db. Thus, the admin db is implicitly created when you create you first user.
When you want to list your databases, whether it's via a shell helper show dbs or database driver, the listDatabases command is being called behind the scenes.
If you enable authentication, in order to execute this command, you must be a user with a predefined (or custom) role which include the listDatabases privileged actions.
There are few builtin xxxAnyDatabase roles - such as readAnyDatabase role -which include the listDatabases privileged action.
If you want to create a user with any of the xxxAnyDatabase roles, it must be done in the admin database.
So, to make a long story short, if you want to list databases:
Your only option is the admin database as the authentication source
The user must have an adequate role: readAnyDatabase, readWriteAnyDatabase, dbAdminAnyDatabase (or a super user role such as root)
You cannot connect without specifying a database, as users are DEFINED on a database. If you have not explicitly chosen a database where you created your user, the correct (default) database name is "admin".
Thus:
MongoCredential credential = MongoCredential.createCredential("myuser",
"admin",
"secret");
... should do the job.
mvn archetype:generate -DgroupId=com.mkyong.core -DartifactId=mongodb -DarchetypeArtifactId=maven-archetype-quickstart -DinteractiveMode=false
Im working on a project that has an implementation of JOSSO in place.
We are using JOSSO version 1.8.5.
The requirement is to lock users out of the system after 3 failed login attempts.
Does anyone know how / if this can be done with JOSSO, I've looked through the documentation but can't find any references to this kind of functionality, but Im sure it must be pretty standard functionality for an authentication application?
What we've tried so far:
- in josso-gateway-db-stores.xml weve tried changing the SQL used to retrieve users from the database from:
credentialsQueryString="SELECT username AS username , password AS password FROM users WHERE username = ?"
to
credentialsQueryString="UPDATE users SET failed_login_attempts = failed_login_attempts + 1 where username = ?; SELECT username AS username , password AS password FROM users WHERE username = ?"
The plan was to then reset the count as soon as the user successfully logged in to the system. However, it is invalid to run UPDATE sql at this point and throws an Exception.
We have also looked through the josso application to try to find hooks that we can use to implement a callback function after successful/unsuccessful login, unfortunately have had no luck here either.
Does anyone have any experience doing thsi?
Look around JOSSO authenticatorImpl which can be inherited to count the number
of tries to lock the account in a timeboxes hashtable if necessary.
I am making a School management system. In this system, first we have to create a user which gets stored in MySQL Database of Usernames and Passwords. But I am stuck at that step where we have to verify the user. How can I do that? I just need a rough idea guys..:)
I am not sure what you mean by "verify the user" but if you mean by checking if the user is actually in the database, use SQL syntax similar to this:
select username from usertable where username = 'username';
If you have a row returned, then you know that the user is in the database.
Verifying could imply several things among :
- checking if the user exists
- checking if the combination username/password is valid for authentication
- checking if the user profile is valid to interact in your application
This list is most probably not complete
I have a question regarding database transactions where I'm not sure if my understanding is correct. I want to implement a user login in a java application. As there might be multiple servers acting on the same database, and each user can only log in one of those servers, the database has to store a flag if a user is already logged in.
So assume following table structure:
ID | User | PWD | Server
where Server is the reference to the server where the user is logged in to, or NULL if he's not logged in.
When a user logs in, I have to first check if the server value is NULL, and if not, set it to the correspondig reference value. But what happens when in between these 2 statements the user logs in on another server? Can such a condition be detected by transactions? e.g. (pseudo)
conn.setAutoCommit(false);
ResultSet rs = conn.createStatement().executeQuery("SELECT * FROM users WHERE user = 'usr' AND password = 'pwd'");
if (rs.next()) {
rs.getInt("Server");
if (rs.wasNull()) {
// Not logged in
conn.createStatement().execute("UPDATE users SET server = 123 WHERE user = 'usr' AND password = 'pwd'");
conn.commit();
}
} else {
// Usr/Pwd wrong
}
conn.rollback();
What happens if the user logs in between the select and update statements on another server? does the commit fail as the table was altered by someone else during the transaction, or is it executed nontheless?
Should I better use an approach like
UPDATE users SET server = 123 WHERE user = 'usr' AND pwd = 'pwd' AND server IS NULL
and check if 0 rows were affected? If so I have to check if the user exists in a query.
Simmilar issues arise when registering a new user with INSERT. Shoud I use the transaction approach, or declare the user column as UNIQUE and catch SQL exceptions?
Using transactions as you suggest with your pseudocode will solve this, but make sure to set you transaction isolation level to TRANSACTION_REPEATABLE_READ. See this tutorial for details.
You also need to think abount:
Never, never, never store plain text passwords in the database. You need to use a one-way hash. Also, make sure to pay attention to the hashing-algorithm and implementation. Search for "HBGary" and "Anonymous" to read about what might happen if you don't.
Think about what will happen if the user logs in to one server, and the client crashes before he has a chance to log out.
In the case of updating the user's row, you can specify to lock that particular row so that no other jdbc connection can modify it.
I have few SQL Server Agent Jobs running in my project. The jobs run perfectly as scheduled, no issues.
But now I need to be able to start these jobs from the front end (Like on a click of button or so).
How can I do it ?
Do these jobs behave just like a functions ?
You can do this with any db connector I've tried--here are a couple examples...
Using CallableStatement:
Connection rConn = //however you get your connection...
CallableStatement cs = rConn.prepareCall("EXEC dbo.sp_start_job N'your job name'");
boolean checkvar = cs.execute();
Alternatively, if you use a jdbc template:
jdbcTemp = //however you get your template...
jdbcTemp.update("EXEC msdb.dbo.sp_start_job N'" + procName + "'");
Also, you will likely need to adjust the permissions of the msdb in order for this to work. Your account needs to either be a sysadmin or have the SQLAgentOperatorRole role. To set this in SQL Server Management, go to Security under your db engine, expand logins, right click on the account you will use and select properties. Under Server Roles you can grant sysadmin, or under User Mapping check msdb, then select TargetServersRole and SQLAgentOperatorRole from the list below.
hth
you can call it by using the sp_startjob proc
example
EXEC msdb.dbo.sp_start_job N'MyJobName';