Creating a JDBC Client Application with SSL Capability
These are the general steps to enable a custom-developed client application to integrate with the SSL authentication capabilities of TDV.
1. Create your client application and declare a connection URL, using the following syntax:
jdbc:compositesw:dbapi@<fully_qualified_hostname>:<portnumber>
?domain=<cis_domainname>&dataSource=<data_source_name>&encrypt=true
For example, for Java you might add:
String url = "jdbc:compositesw:dbapi@localhost:9401?"
+"domain=composite&dataSource=cdspt&encrypt=true"
String user = "compUser";
String pass = "compPassword";
// Load driver
Class.forName("cs.jdbc.driver.CompositeDriver")&encrypt=true
// Create connection
conn = DriverManager.getConnection(url, user, pass);
For other URL properties, see JDBC Driver Connection URL Properties in the TDV Client Interfaces Guide.
2. Declare the username and password variables for use in the connection statement.
3. Optionally, find the JDBC driver name on the Data Source tab of the JDBC Data Source Administrator.
4. Optionally, write a sample program to test the connection URL.
5. Create or modify your client program so that it includes the connection syntax. For example, you must include a statement similar to the following to establish the connection:
conn = DriverManager.getConnection(URL, userName, password);
6. To set up authentication between JDBC client applications and the TDV server, you must declare a connection URL. This URL contains the following JDBC parameters where the keystore information can be specified.
JDBC Parameter | Description |
validateRemoteCert | Windows platform only. Ignored on UNIX platforms. False (default): no certificate validation is performed before establishing a connection. Also by default, a placeholder certificate is installed; csjdbc.jar uses a default bundled truststore for validation, unless the client system truststore is present and configured. True: The TDV JDBC client initiates the validation handshake, using the TDV certificate a for password encryption. If validation fails, no connection is established. The TDV Server certificate is loaded from the file specified in the keystore File Location configuration parameter. The keystore Key Alias is used when it is configured. |
validateRemoteHostname | Windows platform only. Ignored on UNIX platforms. False (default): No host name validation is performed. True: The csjdbc.jar compares the value of host in JDBC URL with the subject CN (common name) value in the certificate received from the targeted TDV Server. If host name validation fails, the connection is not established. |
7. Restart the TDV Server.