Menu
I've recently inherited some code, within which I've found a JDBC connection being initialized in a filter and added the the HttpSession for each user. That connection is then reused throughout various portions of the web application for the user. This immediately stood out to me as a code smell. I'd like to go back to the developer who wrote it and explain why he shouldn't do that... But maybe I'm not so sure myself...
Besides taking up unnecessary space in memory and potentially limiting the available connections to the database, are there any other reasons why you wouldn't store a JDBC Connection in an session?
251
JDBC Type 3 and Type 4 drivers use a network protocol to communicate to their back-ends. This usually implies a TCP/IP connection; this will either be a straight TCP/IP socket, but if the driver supports it, it can be a Secure Socket Layer (SSL) connection.
It is reasonably secure in as much as the sign on protocol is not vulnerable to network sniffing, and, it is very, very difficult to inject anything into the network traffic. However JDBC merely transports your SQL to the database and returns the resulting dataset.
Note: You can store and retrieve only . gif or . jpeg or . png type of images using JDBC program.
You have mentioned the obvious, one user to one database connection is not scalable. Your users should be completely decoupled from access to the data model. Here are a couple of issues you will run into.
198
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
