JDBC over SwiftMQ, backward connection initialization
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   Karel_Michek
Posted On:   Monday, September 15, 2003 07:48 AM

Hello there! We are trying to deploy out of the box J2EE application that needs to talk to a DB using JDBC. But our client has a strict security policy: the DB cannot be in the same zone with the J2EE server (since it contains sensitive data). The DB has to be in a different security zone and a db CALL can be initiated only from the DB side, not from J2EE server side (I know it sounds like nonsense). If I understand it right Portmaster can run "JDBC over JMS", if yes, could it be configured so the call (receive JMS message containg the JDBC request) would be initiated from the DB side ???

Thank you very much
Karel
kmichek@hotmail.com

Re: JDBC over SwiftMQ, backward connection initialization

Posted By:   Andreas_Mueller  
Posted On:   Monday, September 15, 2003 10:27 AM

Yes. Deploy 2 SwiftMQ routers with a Portmapper Swiftlet in each zone and let the router in the secure zone connect to the one in the insecure zone. You can use SSL for the routing connection.


In the Portmapper Swiftlet [secure zone] define a port provider that connects to your DB's TCP listener port, say 1683, and provides the port via a JMS queue, say, db@router2 (router2 is the name of the [secure zone] router). In the Portmapper Swiftlet [insecure zone] define a port listener that connects to the queue db@router2 of the port provider and maps it to your localhost [127.0.0.1] whatever port, say, 10111.


If you connect with your application in your insure zone to localhost:10111, a virtual bidirectional connection will be established between localhost:10111-db@router2-dbhost:1683. Thus, you have a transparent portmapping via JMS. Of course you can connect multiple times to the port 10111 and can run multiple DB connections simultaneously.


The Portmapper Swiftlet is a very cool thing. We use it ourself to create a virtual VPN and run IMAP, Perforce, Telnet, etc over it.
About | Sitemap | Contact