Hi,
Have a Sun One web server 6.1 in the DMZ. I want to set up connection pooling on this to connect to a DB on our LAN through an inner firewall.
Is this a good idea, or a security risk?
Also, when configuring, any way to secure the username/password which has to be entered in to the pool setup in the Sun One Admin Server?
Cheers,
Gareth
The only major issue that I could think of is the firewall closing the JDBC connections in the pool. Some firewalls do not close the connections cleanly, so that the jdbc driver is unable to detect that the connection has been closed, and while trying to find out its state, gets "hanged" for a while.
The typical solution for this type of problems in 6.1, if it arises, is to set the connection pool time outs to much lower values than those of the firewall, so all connection are timed out by the pool before they are timed out by the firewall.
Hi,
Found some info on the web about passing in username and password in code using :
conn = ds.getConnection("user", "pass");
instead of
conn = ds.getConnection(); (where username/password stored in server.xml)
This would be better as I could get the username/password from ldap on our LAN. Would be more secure.
Doesnt work for me though, get this error:
java.sql.SQLException: invalid arguments in call
java.sql.SQLException: invalid arguments in call
at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:114)
at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:156)
at oracle.jdbc.dbaccess.DBError.check_error(DBError.java:803)
at oracle.jdbc.ttc7.TTC7Protocol.logon(TTC7Protocol.java:175)
at oracle.jdbc.driver.OracleConnection.<init>(OracleConnection.java:198)
at oracle.jdbc.driver.OracleDriver.getConnectionInstance(OracleDriver.java:251)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:224)
at java.sql.DriverManager.getConnection(DriverManager.java:512)
at java.sql.DriverManager.getConnection(DriverManager.java:171)
at oracle.jdbc.pool.OracleDataSource.getConnection(OracleDataSource.java:102)
at oracle.jdbc.pool.OracleDataSource.getConnection(OracleDataSource.java:85)
at com.sun.enterprise.resource.JdbcAllocator.createResource(JdbcAllocator.java:98)
at com.sun.enterprise.resource.IASNonSharedResourcePool.createSteadyResources(IASN onSharedResourcePool.java:865)
at com.sun.enterprise.resource.IASNonSharedResourcePool.initPool(IASNonSharedResou rcePool.java:360)
at com.sun.enterprise.resource.IASNonSharedResourcePool.internalGetResource(IASNon SharedResourcePool.java:598)
at com.sun.enterprise.resource.IASNonSharedResourcePool.getResource(IASNonSharedRe sourcePool.java:490)
at com.sun.enterprise.resource.PoolManagerImpl.getResourceFromPool(PoolManagerImpl .java:189)
at com.sun.enterprise.resource.PoolManagerImpl.getResource(PoolManagerImpl.java:93 )
at com.sun.enterprise.resource.JdbcDataSource.internalGetConnection(JdbcDataSource .java:201)
at com.sun.enterprise.resource.JdbcDataSource.getConnection(JdbcDataSource.java:16 3)
Any ideas?
