# Alibaba Druid — High-Performance JDBC Connection Pool with Monitoring > A production-grade JDBC connection pool for Java that provides built-in SQL monitoring, wall-based security filtering, and detailed performance statistics. ## Install Save in your project root: # Alibaba Druid — High-Performance JDBC Connection Pool with Monitoring ## Quick Use ```xml com.alibaba druid-spring-boot-starter 1.2.24 ``` ```yaml spring: datasource: type: com.alibaba.druid.pool.DruidDataSource url: jdbc:mysql://localhost:3306/mydb druid: stat-view-servlet: enabled: true ``` ## Introduction Alibaba Druid is a JDBC connection pool designed for monitoring and performance analysis. Beyond pooling connections, it provides a built-in web console that displays SQL execution statistics, slow query logs, and connection usage in real time. ## What Alibaba Druid Does - Manages JDBC connection pooling with configurable min/max pool sizes and timeouts - Collects per-SQL execution metrics including count, time, rows, and error rate - Provides a built-in web dashboard (StatViewServlet) for real-time monitoring - Includes a WallFilter that blocks SQL injection patterns at the driver level - Supports SQL parsing and formatting for MySQL, PostgreSQL, Oracle, and SQL Server ## Architecture Overview Druid wraps the standard JDBC DataSource interface and intercepts every SQL call through a filter chain. The StatFilter collects timing and count data per SQL template. The WallFilter parses each statement through a dialect-specific SQL parser and rejects dangerous patterns. All statistics are stored in memory and exposed via a Servlet-based dashboard or JMX. ## Self-Hosting & Configuration - Add druid-spring-boot-starter for automatic Spring Boot integration - Enable the stat view servlet in application.yml for the monitoring dashboard - Configure connection pool sizes via initialSize, minIdle, and maxActive - Set slowSqlMillis to flag queries exceeding your latency threshold - Optionally export metrics to Prometheus via the druid-spring-boot-actuator module ## Key Features - Built-in SQL monitoring dashboard with no external dependencies - SQL injection firewall (WallFilter) that works at the connection pool level - Detailed per-SQL statistics: execution count, total time, max time, affected rows - Full SQL parser supporting 6+ database dialects - Connection leak detection with stack-trace logging ## Comparison with Similar Tools - **HikariCP** — fastest raw throughput; Druid trades marginal speed for built-in monitoring and security - **Apache DBCP2** — Apache's pool; Druid adds SQL-level metrics and the wall filter - **c3p0** — legacy pool; Druid is more actively maintained with modern diagnostics - **PgBouncer** — PostgreSQL-specific external pooler; Druid is a JVM-embedded, database-agnostic solution ## FAQ **Q: Is Druid slower than HikariCP?** A: In raw connection-acquire benchmarks HikariCP is slightly faster, but Druid's monitoring overhead is negligible in most production workloads. **Q: Can I use Druid without Spring Boot?** A: Yes. Druid works as a standalone DataSource in any Java application. **Q: Does the WallFilter protect against all SQL injection?** A: It blocks common injection patterns at the SQL parser level, but should complement application-level parameterized queries, not replace them. **Q: How do I access the monitoring console?** A: Enable stat-view-servlet and visit /druid/index.html on your application server. ## Sources - https://github.com/alibaba/druid - https://github.com/alibaba/druid/wiki --- Source: https://tokrepo.com/en/workflows/asset-f53bfd3c Author: AI Open Source