这里:
<DB_NAME>=myDatabase
<DB_PORT>=5432
<DB_USER>=myUser
<DB_USER_PWD>=myPassword
<SCHEMA_NAME>=mySchema
<DB_CONN_POOL>=postgreSQLPool
<DATA_SRC>=myDatabaseDS
程序:
a) 允许防火墙 glassfish 服务器,postgres 端口,例如在 centos7
#systemctl enable firewalld
#firewall --add-port=<DB_PORT>/tcp --permanent
##systemctl reload firewalld (<---doesn't work)
#firewall-cmd --reload
b) 为用户的 SSL 登录配置 pg_hba.conf:
hostnossl all all 0.0.0.0/0 reject
hostssl all postgres 0.0.0.0/0 reject
hostssl <DB_NAME> <USER_NAME> <IR_ADDR> md5
c) 在所需对象上创建用户、数据库、模式并向用户授予特权,例如:
###CREATE USER
sudo -u postgres psql -p <DB_PORT> -d postgres -c "CREATE USER <USER_NAME> ENCRYPTED PASSWORD 'myUser_pwd';"
###CREATE DB
sudo -u postgres psql -p <DB_PORT> -d postgres -c "CREATE DATABASE <DB_NAME> OWNER <USER_NAME> ENCODING 'UTF-8' TABLESPACE service_ts LC_COLLATE 'en_US.UTF-8' LC_CTYPE 'en_US.UTF-8' LIMIT -1;"
###CREATE SCHEMA
sudo -u postgres psql -p <DB_PORT> -d <DB_NAME> -c "CREATE SCHEMA "<SCHEMA_NAME>";"
###REVOKE PREVILEGES ON <SCHEMA_NAME> from public
sudo -u postgres psql -p <DB_PORT> -d <DB_NAME> -c "REVOKE ALL ON SCHEMA "<SCHEMA_NAME>" FROM "public";"
###GRANT USAGE ON <SCHEMA_NAME> TO <DB_USER>
sudo -u postgres psql -p <DB_PORT> -d <DB_NAME> -c "GRANT USAGE ON SCHEMA "<SCHEMA_NAME>" TO <USER_NAME>;"
###GRANT PREVILEGES ON TABLES OF <SCHEMA_NAME> TO <DB_USER>
sudo -u postgres psql -p <DB_PORT> -d <DB_NAME> -c "GRANT ALL ON TABLES IN SCHEMA "<SCHEMA_NAME>" TO <USER_NAME>;"
###GRANT PREVILEGES ON SEQUENCES OF <SCHEMA_NAME> TO <DB_USER>
sudo -u postgres psql -p <DB_PORT> -d <DB_NAME> -c "GRANT ALL ON SEQUENCES IN SCHEMA "<SCHEMA_NAME>" TO <USER_NAME>;"
###GRANT PREVILEGES ON FUNCTIONS OF <SCHEMA_NAME> TO <DB_USER>
sudo -u postgres psql -p <DB_PORT> -d <DB_NAME> -c "GRANT ALL ON FUNCTIONS IN SCHEMA "<SCHEMA_NAME>" TO <USER_NAME>;"
d) 重新启动 Postgresql 以进行配置更改
e) 将正确的 postgresql jdbc4 jar(对应于所使用的服务器版本,例如 9.3/9.4/10.1)放在域的 lib 文件夹中((即).../glassfish/ domain/<DOMAIN_NAME>/lib)
f) 重新启动 Glassfish 以进行配置更改
使用命令:
asadmin create-jdbc-connection-pool --datasourceClassName "org.postgresql.ds.PGConnectionPoolDataSource" --restype "javax.sql.ConnectionPoolDataSource" --property "ServerName=localhost:PortNumber=<DB_PORT>:DatabaseName=<DB_NAME>:User=<DB_USER>:Password=<DB_USER_PWD>" "<DB_CONN_POOL>"
和
asadmin create-jdbc-resource --connectionpoolid "<DB_CONN_POOL>" "jdbc/<DATA_SRC>"