• Post Reply Bookmark Topic Watch Topic
  • New Topic

JNDI connection only partially encrypting  RSS feed

A Farroll
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

We have a Java servlet running on Tomcat and Windows and all database connections are encrypted using SSL. This works apart from a strange issue on one of the connections (SQL Server) which I do not understand. I am using WireShark to check the encryption is working but, whenever a new login is performed through the servlet, the FIRST data transfer for this particular connection is only partially encrypting, but if a second or third data transfer to this database connection is made under the same login the entire message is encrypted.

After the login all requests are handled through a token provided by Tomcat. The servlet also connects to an Oracle database which encrypts all the messages from the outset.

Why will the first data transfer only be partially encrypting?

Here is the JNDI entry in Tomcats context.xml file but obviously a few things amended to hide them

<Resource auth="Container"
factory="org.moss.jdj.dbcp.EncryptedDataSourceFactory" maxActive="100"
maxIdle="30" maxWait="10000" name="jdbc/connectionname"
password="*******" type="javax.sql.DataSource"
username="*******" />

Here is the entry in Tomcats server.xml file but again a few things amended to hide them

<Connector port="8443"
protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
maxThreads="150" minSpareThreads="25"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" KeyAlias="ows"
KeystoreFile="C:\SSLKeys\ows.key" KeystorePass="********" />

Thanks in advance


Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!