JDataConnect™ Support

New Features

HTTP Tunneling
This page explains how firewalls affect JDBC drivers and how JDataConnect allows you to develop applets, servlets and applications without having to worry about the difficult underlying technical issues involved.
JWebServerGateway is included in all JDataConnect editions and operates with the JData2_0, JData1_2 and JDataLite JDBC drivers.
How Firewalls Complicate the Application Environment
A firewall is typically a computer and software that sits between a group of client users and the wider outside Internet or intranet. The firewall is used to protect the internal client network from unauthorized access from outside the firewall. The firewall may also be configured to restrict the types of outside access clients have security to.
Specifically, a firewall will restrict the types of protocols that may travel across the firewall into the internal network. The firewall will also often restrict the ports through which these protocols may pass. Many firewalls will be configured to allow HTTP protocol traffic on port 80 only – this allows users inside the firewall to browse web pages but nothing else. It also blocks outside attempts that access the network inside the firewall.
Network JDBC drivers that cannot traverse firewalls will simply fail any time a user inside a firewall tries to use your applet or application. If your application is web based you must cater for the fact that visitors to your site may be behind a firewall. If your application is intranet based you must cater for the fact that firewalls may exist between the user and the database server.
JDataConnect provides a number of solutions to the firewall challenge. JDataConnect handles firewall access transparently so that developers need not worry about the many difficult technical issues regarding firewall access.
Supported Webservers
Your web server must be be one of the following types in order to operate with JWebServerGateway:
  • A web server that can invoke servlets (e.g. Tomcat, Java Web Server)
  • A web server that is ISAPI compliant (e.g. Microsoft Information Server IIS)
Understanding JWebServerGateway
JWebServerGateway is a software gateway that allows the JDataConnect JDBC drivers to operate reliably when client side users reside within a firewall protected network. Developers using JDataConnect do not have to write extra code to traverse firewalls since the JDataConnect JDBC drivers handle all the details automatically.
When a client runs a Java applet or application inside a firewall the JDataConnect JDBC drivers will first attempt a regular direct connection to JDataServer on the remote server. In a firewall protected environment this connection will usually fail because the firewall blocks this type of connection for two reasons:
  • The connection is not an HTTP connection
  • The JDataServer port (default 1150) is not enabled on the firewall
Many firewalls are configured to allow users to access web pages and nothing else. That is, they are configured to allow only HTTP protocol connections on port 80 – the default web server port. So in order for JDBC connections to succeed for users behind a firewall they too must use HTTP protocol and be routed via port 80.
When the JDataConnect drivers fail to connect via a regular direct connection to JDataServer they automatically retry the connection using HTTP protocol via port 80. This connection will be allowed by the firewall since it is the same way users access web pages. When the request arrives at the remote server the ISAPI web server will receive the request since it is operating on port 80. The web server will then send the request onto JWebServerGateway which in turn routes the request to JDataServer. The response is then routed back to the client side drivers via JWebServerGateway and the web server. In effect, the entire transaction looks to the firewall as a regular HTTP request which it allows through without problem.
HTTP tunneling is the technical name for this approach. Note that simpler forms of HTTP tunneling that do not route via the web server port (default is 80) will still fail since the firewall is typically configured to block access on other ports.
JWebServerGateway Configuration
JWebServerGateway has two implementations. You must install the correct implementation depending on your web server setup. Both gateways are included in the JDataConnect distribution. The following table lists the implementations.
Web Server Type
Gateway
Notes
Connection String
Servlet Capable
JWebServerGateway.class
Implemented as a Servlet
gatewayType = 1
ISAPI
JWebServerGateway.dll
Implemented as an ISAPI dll
gatewayType = 0
Connection Architecture Using JWebServerGateway and JDataConnect
Please visit our architecture page for all architectural diagrams.
How to Setup and Administer the Servlet JWebServerGateway
JWebServerGateway must be installed as a servlet in your web server environment. See your specific web server’s documentation to learn about installing servlets.
You can specify the following properties to customize JWebServerGateway. See your specific web server’s documentation to learn about installing servlet properties. Note that properties are case sensitive.
logging=1 causes JWebServerGateway to log trace information to the console and a trace file called JWebServerGateway.txt
jdataserverPort=nnnn causes JWebServerGateway to look for JDataServer on port nnnn. If you not specify this property the gateway will expect JDataServer to be running on the default port (1150).
System administrators may query the running status of remote JWebServerGateway via a web browser. The status gives information such as when the gateway started, how often it was used and the details of any error conditions that occurred. To query the status of JWebServerGateway use the URL:
http://\JWebServerGateway
where RemoteServer is the name or address of the remote server.
How to Setup and Administer the ISAPI JWebServerGateway
Copy JWebServerGateway.dll into the root directory of your web server.
Ensure that whatever directory you install JwebServerGateway.dll into has execute permission, not just read permission. If that directory has only read permission (the default) then the web server will not execute the DLL, but rather offer to download it. Ensure that your web server software is configured to run on port 80 and is up and running.
JWebServerGateway supports the logging options Log Errors, Log Objects and Log File. These options may be enabled using the administrator JDataAdmin. Note that if you change JWebServerGateway logging options you must stop and restart your web server software for the changes to take affect. e.g. for Internet Information Server IIS stop and start the World Wide Web Publishing Service in NT’s service administrator. If a log file is specified in JDataAdmin JWebServerGateway will create the log file in the web server software’s operating directory. e.g. For IIS that would be \WINNT\SYSTEM32.
System administrators may query the running status of remote JWebServerGateway via a web browser. The status gives information such as when the gateway started, how often it was used and the details of any error conditions that occurred. To query the status of JWebServerGateway use the URL:
http://\JWebServerGateway.dll?query
where RemoteServer is the name or address of the remote server.
Testing Applications Using JWebServerGateway
Many programmers develop applications on a local computer and then deploy the final application to a different server. In this case testing for firewall operation may be difficult. The easiest way to test JDataConnect using JWebServerGateway is: :
  • Install JWebServerGateway as previously described.
  • Use JDataAdmin to set the port for JDataServer to something other than the default, for example 2000.
  • Do not specify a port on your JDBC connect string so that the JDataConnect drivers attempt to connect to JDataServer on the default port. When this connection fails the JDataConnect driver will automatically attempt a HTTP connection on port 80 via JWebServerGateway instead. JWebServerGateway will then route your JDBC calls through to JDataServer on port 2000.