• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to connect to a DB thru a firewall? JMS?

 
John Cummins
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK, this is a somewhat complicated situation. We are implementing a package customer care solution where we can only change the JDBC driver without rewriting significant amounts of the product's code.
The problem is that for security reasons, sensitive data must be stored in the secure zone. This packaged application is in an unsecure zone. The package implementation needs access to this sensitive data. Data can only flow like this :
secure -> unsecure
JMS is used to tell the secure zone when the unsecure zone wants data. So the flows look something like this:

unsecure --JMS request for data --> secure
unsecure <--JMS response with data-- secure

Given that I can only change the JDBC parameters (driver, etc.) and not the code, how can I still meet the security standards?
Option 1 - One thought we had is to use a JMS connector on the URL or port in the JDBC driver URL. This connector could then get the DB info from the secure zone and send it back to the package application. I have serious doubts that this will work.
Option 2 - A similar idea is that maybe we could set up a servlet to receive the JDBC requests based upon the URL or port number. This servlet could then do the JMS call to the secure zone, get the data and return it to the package application. I also think this option has some flaws and am not sure it would work either.
Does anyone who is more of a JMS or JDBC expert have any ideas? Any comments or feedback would be greatly appreciated. Thanks in advance.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic