I would HIGHLY reccomend putting your web server and DB on differnet boxes.
If your DB is on your web server box, what is stopping a hacker from gaining
access to your DB? Nothing! If your data is sesistive in nature, please, for
you own good, put the DB on a seperate box, seperated by your firewall.
John D. McDonald
CipherStream Systems
email: [EMAIL PROTECTED]
web: www.cipherstream.com
-------------------------------------------------------
Secure E-Business Is Our Business
-------------------------------------------------------
----- Original Message -----
From: Vasudev Ram <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, November 07, 1999 7:20 AM
Subject: Re: Database and Web Server on seperate Box
> Hi Danny,
>
> I'm pretty sure that having db server and web servers on different boxes
> should be possible, with any combination of vendors products. Otherwise
one
> of the major benefits of the whole idea of web/db apps would be lost -
since
> both web servers and db servers consume significant machine resources. And
I
> know for a fact that Netscape Application Server / Netscape Enterprise
> Server allows one to have the Web server and the Application server on
> separate boxes, since we have that configuration. Try these ideas :
> - try to get a more detailed error message - use :
> try {
> // your db access code here
> catch(SomeException se)
> {
> // may have to capture it to a log file
> // since this is a servlet, or it may vanish
> e.printStackTrace();
> }
> - check your web server / servlet engine docs for
> set up / security config details - there may be
> a way to specify, in some config file, allowing
> access to other machines
> - check similarly for your JVM
> - check your machine's TCP/IP config, hosts file,
> services file, etc. - some entries may be needed.
> - check if there is a firewall between the 2 m/c's.
> - anything else on the same lines.
> Same goes for applets
> HTH
> Vasudev
>
> ------Original Message------
> From: Danny Rubis <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Sent: November 7, 1999 1:35:48 PM GMT
> Subject: Database and Web Server on seperate Box
>
>
> Hey!
>
> I have two questions about the above Subject, one concerning
> servlets (on-topic) and one concerning applets (off-topic).
>
> Architecture presently:
>
> Database, web server and servlet engine is on one Intel/NT box.
> All servlet access to the database is with direct connections like:
>
> "jdbc:db2://serverName:port/databaseName",
>
> where serverName
> is the same for the webserver and the database connection.
>
> Architecture proposed:
>
> But, when I try to move the database to a different box, say
>
> "jdbc:db2://serverName_on_a_different_box:port/databaseName",
>
> I will get a Security violation warning that I am trying to access
> another
> machine. Will someone help with some ideas.
>
> Applets have the same problem and maybe even a more difficult one to
> solve. All of the applets access the database same as above.
> Because the applet is loaded into the web browser, I think I
> am at the mercy of the web browser security. What to do?
>
> Is there a solution that will work for both servlets and applets?
>
> Is seems only natural that this is the next progression from getting
> servlets running on one box with small amounts of data residing in
> a DB to the day when the DB data gets to be too big. In
> that case, It doesn't make good sense to have the DB and web stuff
> on the same box, IMO. I think servlets are in a new phase now.
> They have proven to be a viable solution to the delivering the
> Business model.
>
> If any one knows how to do this, I think it has to be someone on this
> E-list. :>)
>
> Thank you.
>
> Danny Rubis
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
> -----------------------------------------------
> FREE! The World's Best Email Address @email.com
> Reserve your name now at http://www.email.com
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
