On Tue, 2002-07-16 at 13:15, Rick Fincher wrote:
> Sounds like you have covered all the bases. Very strange.

Yes, my thoughts exactly. I do not know what to look to next.

> Is this a Tomcat webapp that won't talk or straight java code that you
have written in an app?

They are my own servlets and etc. running under Tomcat as webapps, but
not the ones that ship with Tomcat. Although they all work fine with
InterClient. The only thing I did was change driver class, and the url.

> In my particular case my FB server and Tomcat server are on the same
> box for greater speed and security.

Well I would differ there a little. A single proc can only do one thing
at a time. So two machines/proc can be doing two different things at the
same time. So there is speed differences there. Providing there is
little to no latency in the network, and the connections are open. Thus
pooling.

As for security, definitely no. Tomcat is usually accessed by the
public, in using the web apps and etc. No one except my clients are
allowed to talk directly to my DB server, and I do firewalling, and
hosts.allow and hosts.deny to control this.

So when servlets need to talk to my db, they do it behind the firewalls
and via the Lan. I do not think I can get to much more secure than that,
unless I did encryption on the Lan.

But in your case if there is ever a hole in Tomcat, they can get at
other things like your DB.

I hope you do not let outside unrestricted access to your db. Firewall
that port, or restrict only certain IP's. Then you will have much better
security.

But I always believe that running each service/app on a dedicated
machines, limits any exploits to that machine itself. Instead of being
able to effect more than one service.

Along with the other performance benefits from using more than one proc,
and I/O system and etc.

>It is very odd that it works for
> Interclient (indicating that the setup is OK) and not FB.

Yes, again my thoughts exactly. Even though they use different ports,
other than that, they should be somewhat similar?

> In this
> arrangement you have to be sure localhost resolves to an IP number.

Yep, although I wonder if it has to do with the host.equiv file. Now
that I think about it, that just may be it. Since my laptop does have
that file. It's not a default Linux file, but I have always needed one
to allow IB or FB to function properly.

Other than that I believe I have looked into everything.

> Also, if you are using the JNDI params from Tomcat, there was an error
> in some of the docs that called a param "user" when it should have
> been "username". This may not apply, but just in case.

No I do not think it does?

> Tomcat pooling is probably better in that it is more generalized and
> can be used with other databases if you ever have to migrate. In
> terms of performance, I don't know, I haven't benchmarked the various
> options. All the JNDI stuff gives you a lot of flexibility to change
> the setup in XML files without recompiling, although you could set up
> JNDI parameters to be used with the FB driver with internal pooling.

I do not have time to compare, so I may just elect to go with the one
inside of the driver, to reduce the amount of work Tomcat itself has to
do.

--
Sincerely,
William L. Thomson Jr.
Support Group
Obsidian-Studios Inc.
439 Amber Way
Petaluma, Ca. 94952
Phone 707.766.9509
Fax 707.766.8989
http://www.obsidian-studios.com