Security

Hey

Can anyone tell me about the security if I use an applet that accesses my DB? My worry is that somebody decompiles my applet and uses the source code to create an applet/application that accesses MY DB. Is that possible?

I hope it makes sense

AL
[274 byte] By [X999a] at [2007-11-27 3:59:32]
# 1

> Is that possible ?

Yes. The way you overcome this problem is by sticking an app server in-between the applet and the database. The applet talks to the app server (i.e. web service) and the app server should then access the database.

If you control who has access to the applet (i.e. trusted parties) then you may consider accessing the database directly but it is still not recommended.

YoGeea at 2007-7-12 9:04:04
# 2
Of course you'd still have the same problem, as any one of your untrustworthy users could fake being your applet with his reverse-engineered code and sneak his way in ;)
jwentinga at 2007-7-12 9:04:04
# 3
What can I then do if I want to secure my users' data in my DB?

Al

Message was edited by: X999
X999a at 2007-7-12 9:04:04
# 4

> of course you'd still have the same problem, as any
> one of your untrustworthy users could fake being your
> applet with his reverse engineered code and sneak his
> way in ;)

True, but it is much less of a security risk than allowing the user to access the database directly.

Of course you should also make sure your web service accesses the database as a user with the absolute minimum privileges needed. Other security checks you can put at this level depend on what your application is doing really (certainly your users should need to authenticate themselves).

YoGeea at 2007-7-12 9:04:04
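
Added example, not part of the thread or any poster's code: the server-side checks described in replies #1 and #4, written in Java. The service authenticates the caller and returns a record only to its owner, so a client rebuilt from decompiled applet code can do no more than its user's own credentials allow. The class name `RecordService`, its methods, the in-memory maps standing in for the database, and the sample users and records are assumptions made for illustration.

```java
import java.security.*;
import java.util.*;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class RecordService {
    // In-memory stand-ins for the database (constructed data). In a deployment the DB
    // credentials exist only on this server, for a minimum-privilege DB account.
    private final Map<String, byte[][]> users = new HashMap<>();    // name -> {salt, hash}
    private final Map<Integer, String[]> records = new HashMap<>(); // id -> {owner, data}
    private final Map<String, String> sessions = new HashMap<>();   // token -> user name
    private final SecureRandom rng = new SecureRandom();
    static byte[] hash(String pw, byte[] salt) throws GeneralSecurityException {
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(new PBEKeySpec(pw.toCharArray(), salt, 100_000, 256)).getEncoded();
    }
    void addUser(String name, String pw) throws GeneralSecurityException {
        byte[] salt = new byte[16];
        rng.nextBytes(salt);
        users.put(name, new byte[][] {salt, hash(pw, salt)});
    }
    // Returns a random session token, or null if the credentials are wrong.
    String login(String name, String pw) throws GeneralSecurityException {
        byte[][] u = users.get(name);
        if (u == null || !MessageDigest.isEqual(u[1], hash(pw, u[0]))) return null;
        String token = new java.math.BigInteger(256, rng).toString(32);
        sessions.put(token, name);
        return token;
    }
    // The only read the service offers: one record, and only to its authenticated owner.
    String readRecord(String token, int id) {
        String user = sessions.get(token);
        if (user == null) throw new SecurityException("not authenticated");
        String[] rec = records.get(id);
        if (rec == null || !rec[0].equals(user)) throw new SecurityException("not authorized");
        return rec[1];
    }

    public static void main(String[] args) throws GeneralSecurityException {
        RecordService svc = new RecordService();
        svc.addUser("alice", "constructed-password");
        svc.records.put(1, new String[] {"alice", "alice's data"});
        svc.records.put(2, new String[] {"bob", "bob's data"});
        String token = svc.login("alice", "constructed-password");
        System.out.println(svc.readRecord(token, 1));
        for (Object[] a : new Object[][] {{token, 2}, {"forged", 1}}) // other user's record, forged token
            try { svc.readRecord((String) a[0], (Integer) a[1]); }
            catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

The identity used for the ownership check comes from the server's own session table, never from a value the client sends alongside the request.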
# 5
Okay - Thanks for helping me
X999a at 2007-7-12 9:04:04