AnsweredAssumed Answered

Securize JNDI database connections

Question asked by B548L0PB on Nov 27, 2018
Latest reply on Dec 20, 2018 by Dan Keeley

We have almost 15 diferent datasources, related to diferent services. Acord to development/requirements convenience, all of them are standard JNDI connections.

 

E.g. Three of them: News, projects and accounting.

 

We also have several user roles, with diferent access rights. E.g. everyone can see News data, but only project managers can see projects data, and so on.

 

Everyone can upload it`s own reports or create custom dashboards, so just knowing JNDI names, you can access whole server data with no restriction... We can't find how to restrict datasource acces by role, how do you think it can be done?

Outcomes