Configuring authentication aliases for Liberty
You can configure an authentication data alias to use with a resource reference for authentication in Liberty.
About this task
To avoid having to code user IDs and passwords for data sources in your applications, you can configure the application server to use authentication data to provide the user IDs and passwords. For resources that use container authentication, you can configure authentication data and aliases in several ways, some of which include:
- Create a unique authentication data element
(
authData
) with the proper credentials and refer to it in your application bindings file. - Create a container default authentication element
(
containerAuthData
) with the necessary credentials. You don't need to refer to the alias or the name of theauthData
element in your application bindings file. - Create a unique authentication data element
(
authData
) with the proper credentials and make it the default container authentication for a data source by referring to it with containerAuthDataRef on thedataSource
element.
Creating an authData
element enables each resource reference to a data source to
use different authentication credentials. The containerAuthData
element establishes
default credentials for container authentication in the absence of an authentication alias in the
bindings for a resource reference.
Configuring authentication data and aliases with authData and a resource reference
Create an authentication data element (authData
) with the proper credentials and
refer to it in your application bindings file.
- Add the following elements to the server configuration file, server.xml.
- Add the wanted version of the JDBC feature to the feature manager
element.
<featureManager> <feature>jdbc-4.1</feature> </featureManager>
- Add an
authData
element. If theauthData
element is a top-level configuration element, you must set the id attribute value to a unique authentication alias.<authData id="auth1" user="dbuser1" password="dbuser1pwd"/>
- Add a data source element.
<dataSource jndiName="jdbc/mydbresource"> ... </dataSource>
- Add the wanted version of the JDBC feature to the feature manager
element.
- Configure the IBM deployment descriptor bindings file of your application, for example, the
ibm-web-bnd.xml file. Use the
authentication-alias
element in the resource reference. The name attribute value must match the id attribute in the server.xml file.<resource-ref name="jdbc/mydbresource" binding-name="jdbc/mydbresource"> <authentication-alias name="auth1"/> </resource-ref>
- Add a Resource annotation to your application to enable the application server to inject the
resource reference or add the resource to your application deployment
descriptor.
@Resource (lookup="jdbc/mydbresource") DataSource mydbresource;
Configuring authentication data and aliases with containerAuthData
Use a nested container default authentication data element without needing to reference an
authData
alias in your application bindings file.
- Add the following elements to the server configuration file, server.xml.
- Add the wanted version of the JDBC feature to the feature manager
element.
<featureManager> <feature>jdbc-4.1</feature> </featureManager>
- Create a data source with a nested container authentication data
element.
<dataSource id="myDS" jndiName="jdbc/mydbresource" > <containerAuthData user="myUserid" password="myPassword"></containerAuthData> ... </dataSource>
- Add the wanted version of the JDBC feature to the feature manager
element.
- Add a Resource annotation to your application to enable the application server to inject the
resource reference or add the resource to your application deployment
descriptor.
@Resource (lookup="jdbc/mydbresource") DataSource mydbresource;
Configuring authentication data and aliases with authData and containerAuthDataRef
Create an authData
element with the proper credentials and make it the default
container authentication for a data source by referring to it with
containerAuthDataRef on the dataSource
element.
- Add the following elements to the server configuration file, server.xml.
- Add the wanted version of the JDBC feature to the feature manager
element.
<featureManager> <feature>jdbc-4.1</feature> </featureManager>
- Create a data source with a container authentication reference to an
authData
element.<authData id="auth1" user="dbuser1" password="dbuser1pwd"/> <dataSource id="myDS" jndiName="jdbc/mydbresource" containerAuthDataRef="auth1"> ... </dataSource>
- Add the wanted version of the JDBC feature to the feature manager
element.
- Add a Resource annotation to your application to enable the application server to inject the
resource reference or add the resource to your application deployment
descriptor.
@Resource (lookup="jdbc/mydbresource") DataSource mydbresource;