commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ralf Hauser (JIRA)" <>
Subject [jira] Commented: (DBCP-152) [DBCP] add a socketFactory attribute to BasicDataSource (to allow SSL "thread"-safe)
Date Fri, 20 Jul 2007 07:07:11 GMT


Ralf Hauser commented on DBCP-152:

Allowing for a non-global SSL socket factory has nothing to do with mysql. Even if JDBC as
a standard has not arrived there yet in their thinking, it it is relatively easy why not adding
a concept that can support good security without jdbc. Socket security after all may well
be considered as an orthogonal issue to both JDBC and RDBMs behind them.

Anyway, just because you personally don't have the time to contribute that (and neither do
I for now unfortunately :(  ), I think it is a lame approach to resolve enhancement requests
as "won't fix" since there may be someone else who has the time to do so.

see also DBCP-155

> [DBCP] add a socketFactory attribute to BasicDataSource (to allow SSL "thread"-safe)
> ------------------------------------------------------------------------------------
>                 Key: DBCP-152
>                 URL:
>             Project: Commons Dbcp
>          Issue Type: Improvement
>    Affects Versions: 1.2
>         Environment: Operating System: All
> Platform: Other
>            Reporter: Ralf Hauser
>            Priority: Minor
>             Fix For: 1.3
> An app that accesses 2 datasources at two different places with different
> security policies via SSL (different set of permitted ciphers) currently is out
> of luck (
> The basic datasource should be enhanced with 
>   String socketFactory = "";
> and the corresponding getter and setter method, etc.
> org.apache.commons.dbcp.DriverConnectionFactory.createConnection() could then
> hand-over this full className via its Properties argument to enable different
> SSL policies per datasource (so, since the application programmer doesn't have
> the thread under her control, I guess it should rather be called "dataSource-safe").
> The jdbc driver implementation can then use this to take the appropriate socket
> factory when creating a connection.
> See also

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message