Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / General / November 2005

Tip: Looking for answers? Try searching our database.

implementing SSl in jsp

Thread view: 
Enable EMail AlertsStart New Thread
ami - 10 Nov 2005 20:08 GMT
Hello

I have created 3 tier online book store. Here I am using jsp ,Tomcat as
webserver and My_SQL as backend. Now I want to implement a secure JDBC
"tunnel" between server-side application (or the shopping cart
application) and the back-end database server. JDBC queries and their
respective results exchanged between the application and the DBMS
should be protected from potential intercepters.  Can anyone suggest
how to accomplish this?

Please help.
Reply to this Message
Roedy Green - 10 Nov 2005 22:05 GMT
>Can anyone suggest
>how to accomplish this?

Put the servers on the same LAN behind a firewall.
Signature

Canadian Mind Products, Roedy Green.
http://mindprod.com Java custom programming, consulting and coaching.

Reply to this Message
Abhijat Vatsyayan - 11 Nov 2005 00:39 GMT
Why "implementing SSL in JSP" ? Looks like I am missing something.

Assuming that you want  JDBC queries from tomcat to the DB server to go
over a secure channel  -

If your JDBC (driver) talks to the server using a well  know and fixed
set of TCP/IP ports and it does not support SSL, you can use ssh to
setup port forwarding. You can also try to setup VPN tunnels between the
two machines. VPN tunnel might  work for  protocols others than TCP/IP.

Abhijat

>Hello
>
[quoted text clipped - 9 lines]
>
>  
Reply to this Message
Thomas Hawtin - 11 Nov 2005 01:02 GMT
> I have created 3 tier online book store. Here I am using jsp ,Tomcat as
> webserver and My_SQL as backend. Now I want to implement a secure JDBC
[quoted text clipped - 3 lines]
> should be protected from potential intercepters.  Can anyone suggest
> how to accomplish this?

My first google suggests inserting useSSL=true into the connect URL.

Another way of doing it is to use port forward with ssh. I'm writing
this in Thunderbird over ssh port forwarding, and it works fine.

Tom Hawtin
Signature

Unemployed English Java programmer
http://jroller.com/page/tackline/

Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.