JMS newbie - security question
|
John Eric Hamacher
Ranch Hand
Joined: Apr 25, 2007
Posts: 230
|
|
Hello: I am thinking about implementing a JMS system whereby database connection information would be transported within messages. Is there something inherently unsafe about this? If so, what is the best method to secure these messages? Thanks Eric
|
 |
Scott Selikoff
Saloon Keeper
Joined: Oct 23, 2005
Posts: 3652
|
|
|
Yes? Well, my question is why are you transmitting database information in a message? The J2EE should have its connections managed via connection pools, ergo, all database connections should be set up ahead of time. The only thing that the message might contain is 'which' database to use, not the full connection string.
|
My Blog: Down Home Country Coding with Scott Selikoff
|
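The design suggested in the reply above, where a message names only 'which' database and the connection details stay in server-side pools, as an added example that is not part of the original thread. The logical keys, JNDI names and class name are hypothetical.

```java
import java.util.Locale;
import java.util.Map;
import java.util.Optional;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.sql.DataSource;

public class DatabaseSelector {
    // Hypothetical logical keys and JNDI names (assumptions for this example).
    // The pools behind them are configured on the server, so URLs and
    // credentials never travel in a message.
    private static final Map<String, String> JNDI_BY_KEY = Map.of(
            "production", "java:comp/env/jdbc/AppProduction",
            "staging", "java:comp/env/jdbc/AppStaging");

    /** Maps a message body to a configured JNDI name; empty if not allowlisted. */
    static Optional<String> resolveJndiName(String messageBody) {
        if (messageBody == null) {
            return Optional.empty();
        }
        String key = messageBody.trim().toLowerCase(Locale.ROOT);
        return Optional.ofNullable(JNDI_BY_KEY.get(key));
    }

    /** Returns the pooled DataSource for an allowlisted key (needs a container). */
    static DataSource lookup(String messageBody) throws NamingException {
        // Only the allowlisted constant reaches JNDI, never the message text.
        String jndiName = resolveJndiName(messageBody).orElseThrow(
                () -> new IllegalArgumentException("unknown database key"));
        return (DataSource) new InitialContext().lookup(jndiName);
    }

    public static void main(String[] args) {
        // Constructed sample message bodies: two valid keys, two rejected values.
        String[] bodies = {"staging", " PRODUCTION ",
                "jdbc:example://db.invalid/app", "java:comp/env/jdbc/Other"};
        for (String body : bodies) {
            System.out.println("'" + body + "' -> "
                    + resolveJndiName(body).orElse("REJECTED"));
        }
    }
}
```

A message listener would pass its text body to `lookup`; anything other than an allowlisted key is rejected before it can influence which resource is opened.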
 |
John Eric Hamacher
Ranch Hand
Joined: Apr 25, 2007
Posts: 230
|
|
Well, here's the situation. We have a bunch of small web apps that don't use pooling, they just directly connect to databases. Users can choose whether to run against production or staging. So there will be two sets of connection parameters needed by these applications. We would rather not keep this information within the individual apps for maintenance purposes. And we don't want these apps to all ask a database for the connection parameters (duplication of code). So we want our logic in one place and give it the ability to communicate to all these small apps the database information needed. Eric
|
 |
Scott Selikoff
Saloon Keeper
Joined: Oct 23, 2005
Posts: 3652
|
|
How often are you changing databases and how many databases are there? Keep in mind this forum is about EJBs, where direct access to the database is not common (other than in BMPs). If it were me, I'd either set up all databases in a connection pool on each local server, or write a good deployment script that fixes the database when the EAR is launched. It sounds like you might need help in the JDBC forum, as what you're describing isn't really a J2EE pattern.
|
 |
John Eric Hamacher
Ranch Hand
Joined: Apr 25, 2007
Posts: 230
|
|
There are many, many schemas, one for each customer. The choice between production or staging takes place at runtime so it may switch back and forth over a period of seconds, in theory. It's a pain in the butt. I guess I could start pooling on every single app, setting up a pool for each database. It's a mess any way you look at it. Eric
|
 |
Scott Selikoff
Saloon Keeper
Joined: Oct 23, 2005
Posts: 3652
|
|
|
It's not so bad if you write good build/deployment scripts. It can automate the process a lot.
|
 |
 |