implementing SSl in jsp

A

ami

Hello

I have created 3 tier online book store. Here I am using jsp ,Tomcat as
webserver and My_SQL as backend. Now I want to implement a secure JDBC
"tunnel" between server-side application (or the shopping cart
application) and the back-end database server. JDBC queries and their
respective results exchanged between the application and the DBMS
should be protected from potential intercepters. Can anyone suggest
how to accomplish this?

Please help.
 
A

Abhijat Vatsyayan

Why "implementing SSL in JSP" ? Looks like I am missing something.

Assuming that you want JDBC queries from tomcat to the DB server to go
over a secure channel -

If your JDBC (driver) talks to the server using a well know and fixed
set of TCP/IP ports and it does not support SSL, you can use ssh to
setup port forwarding. You can also try to setup VPN tunnels between the
two machines. VPN tunnel might work for protocols others than TCP/IP.

Abhijat
 
T

Thomas Hawtin

ami said:
I have created 3 tier online book store. Here I am using jsp ,Tomcat as
webserver and My_SQL as backend. Now I want to implement a secure JDBC
"tunnel" between server-side application (or the shopping cart
application) and the back-end database server. JDBC queries and their
respective results exchanged between the application and the DBMS
should be protected from potential intercepters. Can anyone suggest
how to accomplish this?
Click to expand...

My first google suggests inserting useSSL=true into the connect URL.

Another way of doing it is to use port forward with ssh. I'm writing
this in Thunderbird over ssh port forwarding, and it works fine.

Tom Hawtin
 
S

shamikm78

Joined
Oct 14, 2008
Messages
1
Reaction score
0
Hi,
have a look at this article http://www.velocityreviews.com/forums/t147650-implementing-ssl-in-jsp.html. The author has implemented the tunnel which you can adopt for your tunnel setup between server side and the database. This is a well known way of handling JDBC DML query in case you do not have a driver which itself supports SSL. For example, PostgreSQL does support SSL, if you configure the driver properly. Its easy to configure also similarly Oracle also does support it. I am not sure about MySQL but I feel the current JDBC drivers of MySQL might support it as well. In that case you do not have to implement the tunnel yourself using JSSE.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Maintain session between an SSL page and Non SSL page 0
Learning SSL and ASP.NET 0
SSL based Session Tracking with WebSphere and Proxy server 0
Alp Hisim Resume 0
How to implement a combo Web and Desktop app in python. 3
SSLException when running as JWS/JNLP rather than in NetBeans 3
Opening for Sr Java Developer at White Plains, NY 0
Top 10 Technical requirements for In-Memory Reporting 0

Members online

No members online now.
Total: 35 (members: 0, guests: 35)
Robots: 450

Forum statistics

Threads
473,769
Messages
2,569,578
Members
45,052
Latest member
LucyCarper

Latest Threads

Top