English

How To: Use the JDBC-ODBC Bridge to implement ArcIMS authentication with an MSAccess database

Summary

Instructions provided outline the steps required to use JDBC authentication with a Microsoft Access database.

Procedure

The example below uses the following software products:

  • ArcIMS 9.1
  • MSAccess 2000 or 2003
Note:
Microsoft Access ODBC driver version 4.00.6019.00,or later, included with MDAC 2.5, is required. Prior versions of the driver cannot be used.
Follow these steps:
  1. Start MSAccess. Create a new Microsoft Access database named 'acl.mdb' and save it either on a local drive of the ArcIMS machine OR in a network folder that is accessible from the ArcIMS machine.
  2. Create a table named, for example, 'acl_users' in Design view. This table contains the list of usernames and passwords for the people accessing the ArcIMS map services. It also contains a unique user ID field that ArcIMS use to relate this table to the permissions table.
    Note:
    The name of the table should be the same as the name you specified in the Esrimap_prop file for jdbcUserTable.
  3. Add three fields to the 'acl_users' table with the following properties:

    a) Field Name: userid
    Data Type: Number
    Field Size: Long Integer
    Format: General Number
    Decimal Places: 0

    b) Field Name: username
    Data Type: Text
    Field Size: 64

    c) Field Name: password
    Data Type: Text
    Field Size: 64
  4. Now open the 'acl_users' table, and create the following records. After creating the records, save the table.

    userid = 1
    username = *
    password = <Leave blank>

    userid = 2
    username = "test"
    password = "pass"
    Note:
    The asterisk (*) is used to indicate map services that all clients should have access to without entering a username and password. This global user account can be assigned to chosen map services as you will see in Step 7.
  5. Create a second table named, for example, 'acl_permissions' in Design view. This table associates each map service with one or more usernames and passwords. It is linked to the 'acl_users' table via the 'userid' field.
    Note:
    The name of this table should be the same as the name you specified in the Esrimap_prop file for jdbcPermTable.
  6. Add seven fields to the 'acl_permissions' table with the following properties:

    a) Field Name: userid
    Data Type: Number
    Field Size: Long Integer
    Format: General Number
    Decimal Places: 0

    b) Field Name: service
    Data Type: Text
    Field Size: 64

    c) Field Name: active
    Data Type: Number
    Field Size: Long Integer
    Format: General Number
    Decimal Places: 0

    d) Field Name: expiration
    Data Type: Date/Time
    Format: General Date

    e) Field Name: tclients
    Data Type: Memo

    f) Field Name: ftags
    Data Type: Memo

    g) Field Name: roles
    Data Type: Memo
    Note:
    Click No if asked to create a primary key.
  7. Open the 'acl_permissions' table and create the following records. After creating the records, save the table.

    userid = 1
    service = <Enter MapService1>
    active = 1

    userid = 2
    service = <Enter MapService2>
    active = 1

    userid = 2
    service = <Enter MapService3>
    active = 1

    Since no password is set for the global user acount, this means that MapService1 is not access controlled. Meanwhile, both MapService2 and MapService3 are access controlled by username 'test' and password 'pass'.
    Note:
    This example shows a basic configuration of the permissions table.  An option is to fill in the other columns to add additional restrictions on the service. For more information on the ACL attributes, refer to "Enabling authentication with a JDBC-based ACL" and "ACL attribute reference" in the ArcIMS Help.
  8. Start the ODBC Data Source Administrator.
    For Windows NT:
    Click Start > Settings > Control Panel > ODBC Administrator.

    For Windows 2000/2003:
    Click Start > Settings > Control Panel > Administrative Tools > Data Sources (ODBC).
  9. In the ODBC Data Source Administrator dialog box, select the tab 'System DSN'. Click Add.
  10. Select Microsoft Access Driver. Click Finish.
  11. An ODBC Microsoft Access Setup dialog box appears. Enter the Data Source Name, for example, 'ArcIMS_ACL' and click Select in the 'Database' section of the dialog box. Navigate to and select the Microsoft Access database file, in this example, 'acl.mdb'.
  12. Click OK. Confirm that 'ArcIMS_ACL' system DSN was added to the ODBC Data Source Administrator.
  13. Modify the Esrimap_prop file.
    1. Navigate to the location of the 'Esrimap_prop' file in the ArcIMS Servlet Connector's directory associated with the Web Server/Servlet Engine.
      For ServletExec:
      <drive>:\Program Files\New Atlanta\ServletExec ISAPI\Servlets
      For Tomcat:
      <drive>:\<Tomcat Install Location>\webapps\servlet\WEB-INF\classes
    2. Rename the existing 'Esrimap_prop' file to 'Esrimap_prop_original' for backup.
    3. Copy the file 'Esrimap_prop_original' and rename the copy to 'Esrimap_prop' in the same location.
      Note:
      The original 'Esrimap_prop' file settings are stored in the backup file 'Esrimap_prop_original'.
    4. Edit or confirm, in the new 'Esrimap_prop' file, the following attributes and values:
      Note:
      Some attributes may need to be made active by removing the # commenting symbol.
      authenticate=True
      authMethods=Basic
      authenticateWithSessions=True
      useJdbc=True
      jdbcDriver=sun.jdbc.odbc.JdbcOdbcDriver
      jdbcUrl=jdbc:odbc:ArcIMS_ACL
      jdbcUser=<user>
      jdbcPassword=<password>
      jdbcPermTable=acl_permissions
      jdbcUserTable=acl_users
      jdbcUidColumn=userid		
      Note:
      The jdbcDriver value 'sun.jdbc.odbc.JdbcOdbcDriver' references the Java class containing the JDBC-ODBC Bridge functionality. It is included with the JRE/JDK. The jdbcUrl value 'jdbc:odbc:ArcIMS_ACL' is standard syntax for referencing the ODBC system DSN that the JDBC-ODBC Bridge is using.
      Note:
      Note that a jdbc user and password are not required when using an Access database.</b> See the ArcIMS Help documentation under "Enabling authentication with a JDBC-based ACL" for more details on attributes and values.
      Note:
      It is possible to use a third-party JDBC driver. For example, Oracle or Microsoft JDBC drivers can connect directly to the RDBMS. These drivers often can be found at the corresponding software manufacturers' support sites. When using these drivers, ensure that the driver is available in the servlet engine's common library directory. For example, Tomcat maintains the common library directory in $CATALINA_HOME/common/lib. In most cases, copy one or more JAR files associated with the JDBC driver to this directory.
      E. Save the Esrimap_prop file.
      F. Restart the Web server and servlet engine.
      Note:
      If using IIS as the Web server, it may be necessary to configure IIS for authentication. For more information, refer to step 8 in the ArcIMS Help topic, "Enabling authentication with a JDBC-based ACL".

Related Information