Network Deployment (Distributed operating systems), v8.0 > Reference > Sets


J2C connection factories settings

Use this panel to specify settings for a connection factory.

We can access this administrative console page in one of two ways:



Scope

Scope of the resource adapter that connects applications to an enterprise information system (EIS) through this connection factory. Only applications that are installed within this scope can use this connection factory.


Provider

Resource adapter that WAS uses for this connection factory.

Provider can be set only when you create a new connection factory. The list shows all of the existing resource adapters that are defined at the relevant scope. Select one from the list to use an existing resource adapter as Provider.


Create new provider

Provides the option of configuring a new resource adapter for the new connection factory.

Create New Provider is displayed only when you create, rather than edit, a connection factory.

Click Create New Provider triggers the console to display the resource adapter configuration page, where you create a new adapter. After you click OK to save your settings, you see the connection factory collection page. Click New to define a new connection factory for use with the new resource adapter; the console now displays a configuration page that lists the resource adapter as the new connection factory Provider.


Name

Name of this connection factory.

This is a required property.

Information Value
Data type String


JNDI name

JNDI name of this connection factory.

For example, the name could be eis/myECIConnection.

After you set this value, save it and restart the server. We can see this string when you run the dumpNameSpace tool. This is a required property. If you do not specify a JNDI name, it is completed by default using the Name field.

Information Value
Data type String
Default eis/display name

Adhere to the following requirements for JNDI names:



Description

Text description of this connection factory.

Information Value
Data type String


Connection factory interface

Fully qualified name of the Connection Factory Interfaces supported by the resource adapter.

This is a required property. For new objects, the list of available classes is provided by the resource adapter in a drop-down list. After creation of the connection factory, the field is a read only text field.

Information Value
Data type Drop-down list or text


Category

String that you can use to classify or group this connection factory.

Information Value
Data type String


Authentication alias for XA recovery

Authentication alias used during XA recovery processing. If this alias name is changed after a server failure, the subsequent XA recovery processing uses the original setting that was in effect before the failure.

Select an alias from the list.

To define a new alias that is not displayed in the list:

  1. Click Apply. Under Related Items, you now see a listing for Java EE Connector Architecture (J2C) authentication data entries.

  2. Click JAAS - J2C authentication data.

  3. Click New.
  4. Define an alias.

  5. Click OK and Save. The console now displays an alias collection page that lists all configured aliases. Above the table, this page also displays the name of your connection factory in the breadcrumb path.

  6. Click the name of your J2C connection factory to return to the configuration panel for the connection factory that you are creating.

  7. Select the new alias in the container-managed authentication alias list.

  8. Click Apply.

If the resource adapter does not support XA transactions, this field is not displayed. The default value comes from the selected alias for application authentication, if specified.

If we have defined multiple security domains and multiple authentication aliases in the application server, you can click Browse... to select an authentication alias for the resource that you are configuring. Security domains allow you to isolate authentication aliases between servers. The tree view is useful in determining the security domain to which an alias belongs, and the tree view can help you determine the servers that is able to access each authentication alias. The tree view is tailored for each resource, so domains and aliases are hidden when you cannot use them.

The browse button is only accessible if at least one security domain is defined and assigned a scope that is applicable to the resource that is being edited. Additionally, that security domain must contain at least one JAAS J2C Authentication alias.

Information Value
Data type Drop-down list


Component-managed authentication alias

Specifies authentication data for component-managed signon to the resource.

Select an alias from the list.

To define a new alias that is not displayed in the list:

  1. Click Apply. Under Related Items, you now see a listing for Java EE Connector Architecture (J2C) authentication data entries.

  2. Click JAAS - J2C authentication data.

  3. Click New.
  4. Define an alias.

  5. Click OK and Save. The console now displays an alias collection page that lists all configured aliases. Above the table, this page also displays the name of your connection factory in the breadcrumb path.

  6. Click the name of your J2C connection factory to return to the configuration panel for the connection factory that you are creating.

  7. Select the new alias in the container-managed authentication alias list.

  8. Click Apply.

If we have defined multiple security domains and multiple authentication aliases in the application server, you can click Browse... to select an authentication alias for the resource that you are configuring. Security domains allow you to isolate authentication aliases between servers. The tree view is useful in determining the security domain to which an alias belongs, and the tree view can help you determine the servers that is able to access each authentication alias. The tree view is tailored for each resource, so domains and aliases are hidden when you cannot use them.

The browse button is only accessible if at least one security domain is defined and assigned a scope that is applicable to the resource that is being edited. Additionally, that security domain must contain at least one JAAS J2C Authentication alias.

Information Value
Data type List

The alias that you configure for component-managed authentication does not apply to all clients that must access the secured resource. External Java clients with JNDI access can look up a Java 2 Connector (J2C) resource such as a data source or JMS queue. However, they are not permitted to take advantage of the component-managed authentication alias defined on the resource. This alias is the default value used when the getConnection() method does not specify any authentication data, like user and password, or a value for ConnectionSpec. If an external client needs a connection, it must assume responsibility for the authentication by passing it through arguments on the getConnection() call.

However, if clients such as servlets or enterprise beans run in processes within the same cell of the application server, and the clients can look up a resource in the JNDI namespace, these clients can obtain connections without explicitly providing authentication data on the getConnection() call. In this case, if the component res-auth setting is Application, authentication is taken from the component-managed authentication alias that is defined on the connection factory. When you set res-auth to Container, authentication is taken from the login configuration that is defined on the component resource-reference. If the resource reference for the component does not define a login configuration, authentication is taken from the Container-managed authentication alias that is defined on the connection factory. The J2C authentication alias is per cell. An enterprise bean or servlet in one application server cannot look up a resource in another server process that is in a different cell, because the alias would not be resolved.


Map-configuration alias

Authentication alias for the JAAS mapping configuration used by this connection factory.

The DefaultPrincipalMapping JAAS configuration maps the authentication alias to the user ID and password. We can define and use other mapping configurations. Some mapping-configuration aliases do not use container-managed authentication aliases, so you cannot select a container-managed authentication alias if one of those mapping-configuration aliases is selected.

Information Value
Data type Pick-list


Container-managed authentication alias

Specifies authentication data, which is a JAAS - J2C authentication data entry, for container-managed signon to the resource. This setting can be disabled depending on the value that is selected for the Mapping-configuration alias setting.

Select an alias from the list.

To define a new alias that is not displayed in the list:

  1. Click Apply. Under Related Items, you now see a listing for Java EE Connector Architecture (J2C) authentication data entries.

  2. Click JAAS - J2C authentication data.

  3. Click New.
  4. Define an alias.

  5. Click OK and Save. The console now displays an alias collection page that lists all configured aliases. Above the table, this page also displays the name of your connection factory in the breadcrumb path.

  6. Click the name of your J2C connection factory to return to the configuration panel for the connection factory that you are creating.

  7. Select the new alias in the container-managed authentication alias list.

  8. Click Apply.

If we have defined multiple security domains and multiple authentication aliases in the application server, you can click Browse... to select an authentication alias for the resource that you are configuring. Security domains allow you to isolate authentication aliases between servers. The tree view is useful in determining the security domain to which an alias belongs, and the tree view can help you determine the servers that are able to access each authentication alias. The tree view is tailored for each resource, so domains and aliases are hidden when you cannot use them.

The browse button is only accessible if at least one security domain is defined and assigned a scope that is applicable to the resource that is being edited. Additionally, that security domain must contain as least one JAAS J2C Authentication alias.

Information Value
Data type Pick-list


Authentication preference

Authentication mechanisms defined for this connection factory.

This setting specifies which of the authentication mechanisms defined for the corresponding resource adapter applies to this connection factory. Common values, depending on the capabilities of the resource adapter, are: KERBEROS, BASIC_PASSWORD, and None.

If None is chosen, the application component is expected to manage authentication ( <res-auth>Application </res-auth>). In this case, the user ID and password are taken from one of the following:

For example, if two authentication mechanism entries are defined for a resource adapter in the ra.xml document:

The authentication preference specifies the mechanism to use for container-managed authentication. An exception is issued during server startup if a mechanism that is not supported by the resource adapter is selected.

Information Value
Data type Pick-list
Default BASIC_PASSWORD

Relational resource adapters and JCA
JDBC providers
Configure Java EE Connector connection factories in the administrative console

+

Search Tips   |   Advanced Search