1

Im trying to connect MSSQL server with JDBC using SSL but want to simulate reuse session. I opened the first connection and successfully saw SSL handshae. whithout closing the first one I opened a new one from the same client(IP, port), and expected to see reuse session (short handshake). but actually result with 2 handshakes. do I need to send some URL property asking to connect with some session ID, or is there any other approach? bellow my code. in my debug print after connection 2 is connecting I get :

%% No cached client session

*** ClientHello, TLSv1.2 RandomCookie: GMT: 1465392528 bytes = { 43, 89, 208, 221, 13, 215, 236, 167, 68, 88, 125, 134, 95, 233, 198, 226, 193, 180, 250, 181, 38, 62, 144, 35, 162, 215, 71, 59 } Session ID: {}

means that i is recognized as a new client or so.

Im using Win7 Java 8, MSSQL server2012

much appreciated.

    public void connect() throws SQLException, NoSuchAlgorithmException {

        System.setProperty("java.library.path",System.getProperty("java.library.path")+";C:\\Users\\aviva\\Desktop\\JDBC\\sqljdbc_6.0\\enu\\auth\\x86\\sqljdbc_auth.dll;C:\\Users\\aviva\\Desktop\\JDBC\\sqljdbc_6.0\\enu\\auth\\x64\\sqljdbc_auth.dll");
        String connectionUrl2 = "jdbc:sqlserver://<IP>:<PORT>;databaseName=master;EncryptionMethod=loginSSL";
        try {
            Connection conn1;
            Connection conn2;
            String queryString = "select * from sysobjects where type='u'";

            Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
            conn1 = DriverManager.getConnection(connectionUrl2, "user", "password");
            System.out.println("con1 is connected...");
            Statement statement1 = conn1.createStatement();
            ResultSet rs1 = statement1.executeQuery(queryString);
            System.out.println("1 results");
            while (rs1.next()) {
                System.out.println(rs1.getString(1));
            }
            Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
            conn2 = DriverManager.getConnection(connectionUrl2, "user", "password");
            System.out.println("con2 is connected...");
            Statement statement2 = conn2.createStatement();
            ResultSet rs2 = statement2.executeQuery(queryString);
            System.out.println("2 results");
            while (rs2.next()) {
                System.out.println(rs2.getString(1));
            }
            conn1.close();
            conn2.close();
        } catch (ClassNotFoundException | SQLException e) {
            e.printStackTrace();
        }
 }
Mike
  • 3,186
  • 3
  • 26
  • 32
Aviv Aniger
  • 11
  • 1
  • Unrelated, but that first line doesn't work. 1) You don't add a `.dll` to the library path, you add folders. And you cannot add both 32-bit and 64-bit versions at the same time, you have to only add the appropriate one. 2) The `java.library.path` should be set using the `-D` comment-line argument, I don't believe changing it inside will work. 3) You code works anyway, since the DLLs are only needed for `integratedSecurity=true`, i.e. when *not* giving a user and password. In short, remove that line. – Andreas Jun 08 '16 at 14:12
  • Also, `Class.forName()` hasn't been needed since Java 6. Even if you do use it, you only need it once. – Andreas Jun 08 '16 at 14:17
  • See [Java TLS Session Reuse after closed connection](http://stackoverflow.com/q/37425891/5221149). For one, just the title makes it clear that you have to close the first connection in order for the second connection to reuse the handshake. – Andreas Jun 08 '16 at 14:19
  • Thanks for your comment, it is indeed a dirty piece of code. regarding the issue itself, closing the first connection before opening the other result in 2 handshakes as well. – Aviv Aniger Jun 09 '16 at 05:04
  • Establishing a new connection to a database is a slow operation. The TLS handshake is a very small part of that exchange, so I'm not sure what it is you're trying to accomplish. If you want to reuse a connection, reuse the *database* connection by using a connection pool, e.g. [DBCP](https://commons.apache.org/proper/commons-dbcp/), don't try to just reuse the *SSL* connection (even if you could, and I'm not sure you can). – Andreas Jun 09 '16 at 14:49

0 Answers0