I’m currently working on a project where we have a Java web app bought from a 3rd party vendor that’s connecting to SQL Server using Microsoft’s JDBC driver. However, I’ve been given the requirement of having to encrypt the connection string using a proprietary encryption protocol.
So my question is how feasible would it be to extend the JDBC drivers distributed from Microsoft to incorporate this encryption. At this point I’m mainly thinking of creating a JDBC wrapper that will underneath use the Microsoft JDBC driver.
I’m open to other suggestions from more experienced people who might have done something similar in the past, or even if they could share pitfalls with this approach.
Use jtds. It’s all java, works great for sql server, and supports encryption. It’s a drop in replacement minus setting up encryption. You just need to know where they’ve configured their JDBC URL (hopefully in a configuration file under WEB-INF or some place like that), put in your jtds URL in there, and drop the Jar in the WEB-INF/lib directory. You may have to extract the WAR file and repackage it with jtds. It just depends on how this 3rd party vendor has deliver their app to you. And yes I’ve shipped production packaged enterprise software using it for years.
http://jtds.sourceforge.net/
So say they have a simple properties file like this:
Change it to:
Of course you’ll have to fill in all of the <> and [] parts as needed. Then copy jtds.jar and any dependencies it needs into WEB-INF/lib and restart the server. It should work.