On 3/7/2011 8:27 AM, הילה wrote:
> I read that JTDS (jtds-1.2.5.jar) is more stable and less buggy than JDBC of
> Microsoft. So I don't want to add more logs to the fire.. :]
As Andre says, the one you're using now seems to be rather buggy. We
have been using the Microsoft driver for a few months now with no
trouble, though we're not using NTLM authentication with it, and the SQL
we're using isn't very demanding.
>
>
> 2011/3/7 David kerber<dckerber@verizon.net>
>
>> On 3/7/2011 8:10 AM, הילה wrote:
>>
>>> Hey,
>>> I cannot look for it in Microsoft, since the Java is of SUN, and the
>>> implementation is on the Java side, not the SQL Microsoft side.
>>>
>>
>> Microsoft may have a jdbc driver you could use, though.
>>
>>
>> D
>>
>>
>>
>>> Option no' 1 :]
>>> User and password should not exist in clear text in the xml file.
>>>
>>> 2011/3/7 André Warnier<aw@ice-sa.com>
>>>
>>> הילה wrote:
>>>>
>>>> I'm using Microsoft SQL Server 2008, latest SP.
>>>>> the use of domain user is used with the jtds package, which allows the
>>>>> tomcat service to authenticate to the DB with the presence of native
>>>>> SSPI
>>>>> DLL called ntlmauth.dll
>>>>> However, it generated a memory leak in the server. So I'm looking for
>>>>> alternatives.
>>>>>
>>>>> So, the problem now, correctly stated, is :
>>>>>
>>>>
>>>> - does there exist a Java driver for SQL Server 2008, which allows for
>>>> NTLM
>>>> authentication with SQL Server, and does not have a memory leak ?
>>>>
>>>> (and I would think that Microsoft would be the place to look first)
>>>>
>>>>
>>>> But it is still a bad solution with respect to security, agreed ?
>>>>
>>>> It would still be interesting to know in what exact terms you were given
>>>> this task.
>>>> Did they tell you
>>>> - that the userid and password should in no circumstances be stored in
>>>> clear in any file on the Tomcat server (even if this file cannot be
>>>> accessed
>>>> by anyone) ?
>>>> - or did they tell you : our security scanner found a file containing a
>>>> user-id and password; this is not acceptable ?
>>>> - or some other formulation ?
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>>>
>>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
|