Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Secure connections via JDBC

Secure connections via JDBC

From: S. Anthony Sequeira <Sequeira_at_lineone.net>
Date: Tue, 4 Jul 2000 21:51:56 +0100
Message-Id: <10548.111183@fatcity.com> 





Hi,



    I am looking for more ideas here.  I have a DB application with all
client connections coming from a JDBC connection over a web server.  The
idea is that the customer uses a web browser to connect to the web site,
which then validates the user and then connects to the Oracle database,
residing on a different server.



    DB connection passwords should not be sent, or, if sent should be
encrypted.



    Two ways to accomplish this spring to mind.



    
  
  1.   Use O/S authentication






        Drawbacks:


            The userid is available for perusal
            I don't know whether it will work (O/S authentication from


one server to another using JDBC) though I don't see why not



    2.    Use SSH and a secure port for protection of all JDBC
connections.




    This will be used in conjunction with SQL*Net encryption.



    Any other ideas.  I would rather get this right at first, than
stumble down dark alleys!



    TIA.


Tony

--
S. Anthony Sequeira

Wait for the ricochet

Opinions expressed herein are my own and do
not necessarily represent those of my employer


Received on Tue Jul 04 2000 - 15:51:56 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US