This week's book giveaway is in the Agile and Other Processes forum.
We're giving away four copies of The Little Book of Impediments (e-book only) and have Tom Perry on-line!
See this thread for details.
Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JNDI connection only partially encrypting

 
A Farroll
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

We have a Java servlet running on Tomcat and Windows and all database connections are encrypted using SSL. This works apart from a strange issue on one of the connections (SQL Server) which I do not understand. I am using WireShark to check the encryption is working but, whenever a new login is performed through the servlet, the FIRST data transfer for this particular connection is only partially encrypting, but if a second or third data transfer to this database connection is made under the same login the entire message is encrypted.

After the login all requests are handled through a token provided by Tomcat. The servlet also connects to an Oracle database which encrypts all the messages from the outset.

Why will the first data transfer only be partially encrypting?

Here is the JNDI entry in Tomcats context.xml file but obviously a few things amended to hide them

<Resource auth="Container"
driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver"
factory="org.moss.jdj.dbcp.EncryptedDataSourceFactory" maxActive="100"
maxIdle="30" maxWait="10000" name="jdbc/connectionname"
password="*******" type="javax.sql.DataSource"
url="jdbc:sqlserver://databaseinstallname\db_instancename:2369;
databaseName=Images;encrypt=true;trustServerCertificate=true"
username="*******" />


Here is the entry in Tomcats server.xml file but again a few things amended to hide them

<Connector port="8443"
protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true"
maxThreads="150" minSpareThreads="25"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" KeyAlias="ows"
KeystoreFile="C:\SSLKeys\ows.key" KeystorePass="********" />

Thanks in advance

Regards

AJF
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic