I read that JTDS (jtds-1.2.5.jar) is more stable and less buggy than JDBC of Microsoft. So I don't want to add more logs to the fire.. :]
2011/3/7 David kerber <dcker...@verizon.net> > On 3/7/2011 8:10 AM, הילה wrote: > >> Hey, >> I cannot look for it in Microsoft, since the Java is of SUN, and the >> implementation is on the Java side, not the SQL Microsoft side. >> > > Microsoft may have a jdbc driver you could use, though. > > > D > > > >> Option no' 1 :] >> User and password should not exist in clear text in the xml file. >> >> 2011/3/7 André Warnier<a...@ice-sa.com> >> >> הילה wrote: >>> >>> I'm using Microsoft SQL Server 2008, latest SP. >>>> the use of domain user is used with the jtds package, which allows the >>>> tomcat service to authenticate to the DB with the presence of native >>>> SSPI >>>> DLL called ntlmauth.dll >>>> However, it generated a memory leak in the server. So I'm looking for >>>> alternatives. >>>> >>>> So, the problem now, correctly stated, is : >>>> >>> >>> - does there exist a Java driver for SQL Server 2008, which allows for >>> NTLM >>> authentication with SQL Server, and does not have a memory leak ? >>> >>> (and I would think that Microsoft would be the place to look first) >>> >>> >>> But it is still a bad solution with respect to security, agreed ? >>> >>> It would still be interesting to know in what exact terms you were given >>> this task. >>> Did they tell you >>> - that the userid and password should in no circumstances be stored in >>> clear in any file on the Tomcat server (even if this file cannot be >>> accessed >>> by anyone) ? >>> - or did they tell you : our security scanner found a file containing a >>> user-id and password; this is not acceptable ? >>> - or some other formulation ? >>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>> >>> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
