Java 7 SE, Part 4 of 4: JDBC and Security

Course description

JDBC got updated to version 4.1 in Java SE 7. This update was filled with all kinds of new features and classes. JDBC will now manage your JDBC resources, closing them automatically so you don’t leave data base connections open. You can also use the connection class to shut down the entire physical connection, with a graceful take down of threads and resources using the connection. This can be done explicitly or with a timeout that works under the covers. There has been work done in converting between Java object types and JDBC types. Both with the expansion of the permitable mappings and in the ability to explicitly specify the conversion mapping you want in a streamlined manner. Applications now have more control over 3rd party data source objects with methods to get information about the connection capabilities or to retrieve the data source’s logger and controller. JDBC also has two new classes which let you specify the third party row set classes you want to use without putting the explicit class names in your code. The Java SE 7 update pulled out all the stops in dealing with security. Updates to the Java Secure Socket Extensions or JSSE, protect your applications from the TLS renegotiation attack and the cyber block chaining attack. While new methods and a new trust manager class help keep you safe from other ‘man in the middle’ attacks. You can even disable algorithms that are considered weak, so our cryptography architecture frame work security riders will not use them. Security was front and center in the updates to RIA, our Rich Internet Applications. The Java console got a new tab that deals with RIA security. From this tab you can manage your overall security level, as well as your certificates, site exception lists and deployment rules.

Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.

Prerequisites

This course assumes users have a solid understanding of object-oriented principals and experience coding with Java 5 or greater. This course was filmed using Eclipse for RCP and RAP developers (Java developer edition). A general understanding of Eclipse is required but only to understand the methods shown. The theory for this course will work on any IDE that supports the Java 7 SE SDK. You should have viewed the Java 7 SE: Enhancements and Concurrency, Java 7 SE: IO, New IO and Network Protocols and Java 7 SE: Unicode, Classes, and Frameworks courses before viewing this course.

Meet the expert

Brigitte Birze

Brigitte Birze is a seasoned software development professional with over 25 years of experience in Corporate IT and Engineering across many verticals. Brigitte has been involved in every phase of the software development lifecycle from the perspective of several roles: individual contributor, team lead, S/W architect, system engineer, proposal author, and project manager. Her innovative software architectures have resulted in six published papers and eight patents. Brigitte's dynamic communication skills, paired with her depth and breadth of technical knowledge, give her the unique ability to make the complex understandable and to convey technical concepts to cross-functional groups, speaking at the business or technical level.

Video Runtime

114 Minutes

Time to complete

325 Minutes

Course Outline

JDBC Updates

JDBC (27:47)

• Introduction (00:32)
• Connection Interface Updates (06:11)
• Demo: JDBCUpdates (05:23)
• DatabaseMetaData Updates (05:31)
• Demo: dbMetadataUpdates (05:01)
• Demo: Run dbMetadataUpdates (03:28)
• Summary (01:39)

JDBC Statements (21:56)

• Introduction (00:32)
• Overview of JDBC 1.4 Updates (03:20)
• Statement Interface Updates (01:49)
• Demo: Close Rules (02:17)
• Demo: isCloseOnCompletion (00:46)
• JDBC Try-With-Resources (01:39)
• Demo: Try-With-Resources (02:59)
• Demo: No Finally Clause (04:52)
• Obtain DataSource Logger (02:13)
• Summary (01:26)

JDBC Enhancements and Security

JDBC Enhancements (30:48)

• Introduction (00:42)
• Specify Java Type Returned (03:57)
• Demo: JDBCUpdates (04:09)
• Demo: CallableStatement (02:55)
• RowSet Implementations (02:19)
• RowSetProvider & RowSetFactory (04:41)
• Demo: RowSet Implementation (04:41)
• Demo: MyRowSetFactory (05:48)
• Summary (01:34)

Security (34:00)

• Introduction (00:37)
• TLS Renegotiation Attack (03:20)
• JSSE TLS Renegotiation Updates (03:38)
• Java SE 7 JSSE SSL/TLS Updates (01:49)
• JSSE SSL/TLS Session Updates (02:06)
• Java Control Panel Security (05:27)
• Demo: Java Security Tab (04:51)
• Demo: Manage Certificates (00:39)
• Java SE 7 Disabling Algorithms (02:49)
• Demo: Security Properties (05:25)
• Demo: TLS Disable (01:33)
• Summary (01:42)