8-4 Programming Resource Adapters for Oracle WebLogic Server

8.2.2.1 Non-initial Connection: Requires ManagedConnection from Adapter Upon Applications Request

WebLogic Server requires a ManagedConnection from the adapter upon an applications request. For example, an application wants to get a connection from a pool but there is no available ManagedConnection in the pool so WebLogic Server needs to make a request to the adapter to create a new ManagedConnection. The server searches for mappings in the following order: 1. Specific mappings or anonymous mapping if unauthenticated at the connection factory level. 2. Specific mappings or anonymous mapping if unauthenticated at the global level. 3. Default mappings at the connection factory level. 4. Default mappings at the global level. For example, in Example 8–1 , consider two connection pools with the following credential mappings: Example 8–1 Credential Mapping Examples poolA system user name: admin system password: adminpw default user name: guest1 default password: guest1pw1 poolB wlsjoe user name: harry wlsjoe password: harrypw global system user name: sysman system password: sysmanpw wlsjoe user name: scott wlsjoe password: tiger default user name: viewer default password: viewerpw anonymous user name: foo anonymous password: bar Referring to the example provided in Example 8–1 , consider an application authenticated as system that makes a connection request against poolA. Because a specific credential mapping is defined for system for poolA, the resource adapter uses this mapping adminadminpw. If the application makes the same request against poolB as system, there is no corresponding specific credential mapping for system. Therefore, the server searches for the credential mapping at the global level where it finds a mapping sysmansysmanpw. If another application authenticates as wlsjoe and makes a request against poolA, it finds no mapping for wlsjoe defined for poolA. It then searches at the global level and finds a mapping for wlsjoe scotttiger. Against poolB, the application would find the mapping defined for poolB harryharrypw. Note: Applies only to Container-Managed sign-on. Security 8-5 If an application authenticated as user1 makes a request against poolA, it finds no mapping for user1 for poolA. The following sequence occurs: 1. The application searches at the global level, which also has no mapping for user1. 2. The application searches the poolA mappings for a default mapping and finds a default mapping. If an application doesnt authenticate to WLS and makes a request against poolA, it finds no mapping for anonymous user for poolA. It then searches at the global level and finds a mapping for the anonymous user foobar.

8.2.2.2 Initial Connection: Requires a ManagedConnection from Adapter Without Applications Request