Is Slick (ORM for Scala) connection secure?
Question
I`m noob in Slick and I have one big question: is Slick secure? As I know in JDBC spec there no any information about any data protection between driver and db, and this problem has individually solutions in different drivers. I not found any info about protect connection with ssl in slick oficial site and doc. I hope that somebody tell me true info and if slick is not secure show how I can protect conect. Sorry for my bad English.
1 answers
solution1
4 ACCPTED 2015-03-16 12:51:52
Slick 2.0 uses JDBC under the hood. So Slick is naturally at most as secure as the underlying JDBC connection.
Slick 3.0 focuses on reactive streams and hence might introduce support for asynchronous DB connections and for NoSQL databases. These would naturally not run over JDBC, so things might be different there.
Normally an application and its database are hosted with a very direct connection between them. The database connection is very sensitive to high latency and low bandwidth. Both will slow down the application considerately. So its very uncommon to encrypt or tunnel the database connection.
It's usually better to secure application and database together and put some kind of application level firewall (eg a web proxy) before the application.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.