implementing SSl in jsp

Discussion in 'Java' started by ami, Nov 10, 2005.

  1. ami

    ami Guest

    Hello

    I have created 3 tier online book store. Here I am using jsp ,Tomcat as
    webserver and My_SQL as backend. Now I want to implement a secure JDBC
    "tunnel" between server-side application (or the shopping cart
    application) and the back-end database server. JDBC queries and their
    respective results exchanged between the application and the DBMS
    should be protected from potential intercepters. Can anyone suggest
    how to accomplish this?

    Please help.
     
    ami, Nov 10, 2005
    #1
    1. Advertising

  2. ami

    Roedy Green Guest

    On 10 Nov 2005 12:08:06 -0800, "ami" <> wrote,
    quoted or indirectly quoted someone who said :

    >Can anyone suggest
    >how to accomplish this?


    Put the servers on the same LAN behind a firewall.
    --
    Canadian Mind Products, Roedy Green.
    http://mindprod.com Java custom programming, consulting and coaching.
     
    Roedy Green, Nov 10, 2005
    #2
    1. Advertising

  3. Why "implementing SSL in JSP" ? Looks like I am missing something.

    Assuming that you want JDBC queries from tomcat to the DB server to go
    over a secure channel -

    If your JDBC (driver) talks to the server using a well know and fixed
    set of TCP/IP ports and it does not support SSL, you can use ssh to
    setup port forwarding. You can also try to setup VPN tunnels between the
    two machines. VPN tunnel might work for protocols others than TCP/IP.

    Abhijat

    ami wrote:

    >Hello
    >
    >I have created 3 tier online book store. Here I am using jsp ,Tomcat as
    >webserver and My_SQL as backend. Now I want to implement a secure JDBC
    >"tunnel" between server-side application (or the shopping cart
    >application) and the back-end database server. JDBC queries and their
    >respective results exchanged between the application and the DBMS
    >should be protected from potential intercepters. Can anyone suggest
    >how to accomplish this?
    >
    >Please help.
    >
    >
    >
     
    Abhijat Vatsyayan, Nov 11, 2005
    #3
  4. ami wrote:
    >
    > I have created 3 tier online book store. Here I am using jsp ,Tomcat as
    > webserver and My_SQL as backend. Now I want to implement a secure JDBC
    > "tunnel" between server-side application (or the shopping cart
    > application) and the back-end database server. JDBC queries and their
    > respective results exchanged between the application and the DBMS
    > should be protected from potential intercepters. Can anyone suggest
    > how to accomplish this?


    My first google suggests inserting useSSL=true into the connect URL.

    Another way of doing it is to use port forward with ssh. I'm writing
    this in Thunderbird over ssh port forwarding, and it works fine.

    Tom Hawtin
    --
    Unemployed English Java programmer
    http://jroller.com/page/tackline/
     
    Thomas Hawtin, Nov 11, 2005
    #4
  5. ami

    shamikm78

    Joined:
    Oct 14, 2008
    Messages:
    1
    Hi,
    have a look at this article http://www.velocityreviews.com/forums/t147650-implementing-ssl-in-jsp.html. The author has implemented the tunnel which you can adopt for your tunnel setup between server side and the database. This is a well known way of handling JDBC DML query in case you do not have a driver which itself supports SSL. For example, PostgreSQL does support SSL, if you configure the driver properly. Its easy to configure also similarly Oracle also does support it. I am not sure about MySQL but I feel the current JDBC drivers of MySQL might support it as well. In that case you do not have to implement the tunnel yourself using JSSE.
     
    shamikm78, Oct 14, 2008
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. 620
    Replies:
    2
    Views:
    1,058
    Murat Tunaboylu
    Jan 6, 2004
  2. CW
    Replies:
    2
    Views:
    557
  3. Replies:
    0
    Views:
    4,499
  4. =?Utf-8?B?YW5vb3A=?=

    Could not start Debugger after implementing SSL

    =?Utf-8?B?YW5vb3A=?=, Dec 18, 2006, in forum: ASP .Net
    Replies:
    0
    Views:
    296
    =?Utf-8?B?YW5vb3A=?=
    Dec 18, 2006
  5. Florent

    Implementing SSL

    Florent, Oct 2, 2006, in forum: ASP .Net Mobile
    Replies:
    1
    Views:
    767
Loading...

Share This Page