Client-Side Java Application accessing a database
Hello Sun Forums,
I'm developing a Java based client application which accesses a MySQL database server via JDBC.
My question is: How can I store the password for accessing the database in a secure way on the client? I'm looking for something like the Oracle wallet. I don't know if there is a solution to this problem. Any user could do reverse engineering and extract the password out of the source code. One way hash algorithms don't work either. Any help concerning this topic is highly appreciated.
Thanks, Yves
YvesW wrote:
Hello Sun Forums,
I'm developing a Java based client application which accesses a MySQL database server via JDBC.
My question is: How can I store the password for accessing the database in a secure way on the client? I'm looking for something like the Oracle wallet. I don't know if there is a solution to this problem. Any user could do reverse engineering and extract the password out of the source code. One way hash algorithms don't work either. Any help concerning this topic is highly appreciated.From your subsequent descriptions any 3rd party product will still not be a satisfactory solution. What you can do is to not make the DB visible by the end user and query only through request to a webserver. If you wish to adhoc type of queries, you can have a sql validation request, if your sql server supports that.
If you cannot use a webserver interface, then throw the idea out about saving the client password, the user is just going to have to enter their password. If you are worried about entering the password and cannot use a webserver, then you don't have a project.
Have the client call on the phone and request an extract, then send it to them on a DVD. But that can be intercepted in the mail. Even if it's encrypted, they have your data and eventually they will decrypt it.
BTW: security is only an illusion that lets us sleep at nights, in reality, it is nothing more than a hinderance: if someone really wants to access your web connected resource, then they are going to eventually find a way to do it.
Similar Messages
-
FRM 92091 unexpected fatalerror in client-side Java code
Hi to all ..
I have a Forms/Reports Application in a form I have a Java Bean that get the username of the client PC
In the Oracle AS 10g all work fine in a Weblogic I get the error
FRM 92091 unexpected fatalerror in client-side Java code
and in the details of the error
java.security.AccessControlException : access denied (java.utils.PropertyPermission user.name read)
any Idea ????
Thank's in advanceHi there
I am having a similar problem. We have a weblogic server which runs our forms application.
We were able to access the forms without any problem until when at one point, when we choose a different module in the form, we hit the below error
FRM92091 : unexpected fatalerror in client-side Java code
This is the details
Java Exception :
java.lang.SecurityException:class "oracle.forms.ui.DropDownEvent"'s signer information does not match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(Unknown Source)
at java.lang.ClassLoader.preDefineClass(Unknown Source)
at java.lang.ClassLoader.defineClassCond(Unknown Source)
at java.lang.ClassLoader.defineClass(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at sun.reflect.GeneratedMethodAccessor6.invoke(Unknown Source)
at sun.reflect.DelegationMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
After the above error, the user restarted the PC, and the problem is gone. If this was an issue with the access right to the directory, how come after restart the PC, the form was working fine. Hope to hear some feedback and thank you in advance.
Kannan -
Calling client-side Java?
Is there a way to call a client-side java class from
ActionScript? Server-side is clearly available, but I'd like to do
some expensive processing locally.
ThanksThe Flash Player security sandbox virtually prohibits access
to any client-side resources whatsoever.
Tracy -
I need to develop a JSP that contains no client side JAVA.
By making use of JSP Bean Actions - would this not be considered using client side Java?
Any other adice on creating a JSP without using any client sode Java would be greatly appreciated.
Thank you very much in advance.Hi
Thats right, JSP contain Java Code or References to Java Objects which are all resolved on the server side and the output is sent to the client (browser).
The page could contain client side java if you embed Java Applets into your JSP.
I'm not sure if you mean that you don't want to have any "Java Code" in your JSP, such as :
<% if()......%> etc. then you have to go for Custom Tag Libraries and Java Bean Components.
See the links below for help on these:
1. http://developer.java.sun.com/developer/onlineTraining/JSPIntro/contents.html
2. http://developer.java.sun.com/developer/Books/cservletsjsp/
Good Luck!
Eshwar Rao
Developer Technical Support
Sun microsystems
http://www.sun.com/developers/support -
How To Use Client Side Certificate to access the SOAP service
HI,
I am client side and need to access a remote SOAP server side using a certificate.
I don't know how to add the certificate in my Java code, although I can get it using X509Certificate. The following is my code.
Thanks for any help
public class Dash911 {
public static void main(String args[]) throws IOException {
try {
//I have a Cert class that generate the cert
X509Certificate certificate = (new Cert()).getCertificate();
String targetURI= "http://schemas.ecs.telefinity.com/webservices/postal/";
String methodName = "FindStreet";
String encodingStyleURI = Constants.NS_URI_SOAP_ENC;
Vector params = new Vector();
String[] names = {"Westcorp", "35805"};
params.addElement(new Parameter("names", names.getClass(), names, null));
String endpointURL = "https://prototype.test.telefinity.com/integrationprovisioning/postal.asmx";
makeCall(targetURI, methodName, encodingStyleURI, null, params, endpointURL);
} catch (Throwable t) {
}//main
Thanks a lotKeystore or Truststore may be rigtht the same file, the matter is how you use it
at each time: if you need to authenticate yourself (no matter wether you are a
server or a client), you will have to initiate your SSLcontext with such file
managed by TrustManager. On the other hand, you just do same but
indicating your file is shall be managed by a KeyManager. -
Could I get result in xml from webservice (my client is java application)?
Hi,
I have a client which is a java application to call to my existed webservice and webservice return object result is okie. But I would like to get the result which is wrapped in xml file, not object? Can webservice do that? (If not, I have to wrap the result in xml by hand).
Anyone who know please help me. Very urgent, I have to have answer in 1 day.
Thank in advance.The result when we call to my webservice is an object which contain data, I don't want to get this object, I would like to gain an equivalent xml instead of object ( I don't know if webservice support this).
Yes, the last way is convert result java object to xml. But I think web service should support get xml results because client call to webservice is whatever, right? -
Hi am new and need help on client side java.
Hi I am a .net developer. Dont boo lol. I am trying to find the latest on Java. I build web apps and would like to use java on the client side.
Is there a new form of java for client side code.
What do I need to install?
Where are some good sites that provide tutorials for Java newbies wishing to develop web client scripts etc.
ThanksHi I am a .net developer. Dont boo lol. I am trying
to find the latest on Java. I build web apps and
would like to use java on the client side.
Is there a new form of java for client side code. Web apps usually use Java Server Pages, or JSPs, on the client side.
What do I need to install? Tomcat is a free servlet/JSP engine:
http://jakarta.apache.org/tomcat
Where are some good sites that provide tutorials for
Java newbies wishing to develop web client scripts
etc.
ThanksBetter buy a book. I highly recommend Hans Bergsten's JSP book for O'Reilly.
% -
Connecting Java application to Oracle Database with JDBC
How can I connect my Java application using Oracle 11g database?
Please provide the steps involved along with the coding.What kind of Java application? Stand alone/desktop? Or web? Do you need dedicated, individual connections, or connection pooling for 10,000 concurrent users?
You'll find a few clues in This Article [This Article|http://javawebdb.com/2012/01/30/connecting-a-java-servlet-to-a-database/] -
Changes in server side java file not reflecting in Client side java code?
Hi friends,
iam using eclipse IDE, JBoss server, SWING GUI and Oracle DB
( looks like : SWINGGUI (Client) <--> EJB's (serverside) <---oracle )
my problem is , when i make change in server side bean file, that changes are not reflecting in GUI programs.
(for ex: iam adding settr and getter for a field and using that in GUI program. but its not identifying that setter or getter).
please tell me what should i do for every change done to server side program, that should reflect / available to GUI?my problem is , when i make change in server side bean file, that changes are not reflecting in GUI programs.
(for ex: iam adding settr and getter for a field and using that in GUI program. but its not identifying that setter or getter).what do you mean it's not "identifying" the methods?
you have to call those methods you know
are you getting NoSuchMethodError?
please tell me what should i do for every change done to server side program, that should reflect / available to GUI?you haven't posted any code or error messages that might help us debug -
Loading a server side flex movie into a client side flex application
Hello all,
I'm running a local flex application that's loading another
flex movie from an external url into a container (via SWFLoader).
After setting up the whole crossdomain.xml issue, i'm facing
a weird problem:
The loaded swf shows up streched and does not inherit any
styles from the parent application. It also can not trigger any
function inside the parent application or the other way round.
When i load the same swf from my local filestore everything
is fine. It's also working properly when i load the parent
application from the same webserver the "loadin" swf comes from...
Does anyone know the problem? How can this be solved? Can it
be solved? If not, i'm in trouble..
Best regards,
N.I'm not sure why it would be stretched. As for the other
issue, look at Security.allowDomain. If you want the loaded SWF to
have access to the parent Flex app, the parent Flex app must grant
permission using allowDomain. And vice-versa. -
Submit by mail as .pdf without using client side mail application
is it possible to submit a form in pdf format to an e-mail address without it opening the clients outlook in order to send, i simply want them to click submit, and it to send to my mailbox with the info as follows
from: [email protected]
subject: Timesheet
Attach: Timesheet.pdf
body: Attached is this weeks timesheet
all i want the page visitor to do is fill in the info, and click "submit via e-mail" no outlook, no attaching, simply click and done.>? I have a similar requirement where in the users should be able to open the form from out website, fill it, submit and the form should be submitted through email.
>There should not be any windows based client email needed on the user's machine.
What you describe is, superficially, utterly impossible. No e-mail
client means you can't send mail.
But the end result can be achieved. The form should be submitted, just
like every HTML page, to a web script on a web server. The script
should only be written by an experienced web programmer familiar with
all the security issues of web programming today.
The script can, if the programmer wants, send the form data as an
e-mail. Note that sending it as PDF, rather than XML, may require a
major investment in enterprise software.
Aandi Inston -
Help! Java db on client side
I wan to build a desktop application
i still wondering using which database,
i ask most of my friends, they say client side also needed to setup database
so if i using java db is it also needed to be setup in client side and how?
Thank youWelcome to the Sun forums.
>
I wan to build a desktop application
i still wondering using which database,
i ask most of my friends, they say client side also needed to setup database
so if i using java db is it also needed to be setup in client side and how?>I am not entirely sure I understand your question, but note that Java Webstart is a good way to deploy a database to the client. It requires some effort from the developer, but is easy for the end user.
Edit 1:
Changed 'server' to 'database'.
Edited by: AndrewThompson64 on May 10, 2009 2:13 PM -
I'm trying to run an RMI application (under Windows XP, one machine for client and server) like this:
at server side:
java -Djava.rmi.server.codebase=file://\..\..\..\j\ -Djava.security.policy=file:.\polityka.txt sss
- and it works fine, but at client side:
java -Djava.security.policy=file:.\polityka.txt -Djava.rmi.server.codebase=file://\..\..\..\j\ kkk
results in:
Exception in thread "main" java.lang.NoClassDefFoundError: PrzykladowaKlasa
at kkk.main(kkk.java:31)
when I'm listing directory (at client side) got with System.getProperty("java.rmi.server.codebase") i get this
file://\..\..\..\j\
OdleglaKlasa_Stub.class
PrzykladowaKlasa.class
Folder Structure is:
|------j\
| |------(*_Stub.class, and ClassNeededByClient.class)
|------2\
| |------Server\
| | |------(serwer files)
| |------Klient\
| | |------(klient files)
I'm fresh in RMI and Codebase poperty, but with some exp with Java...
(policy files are allright - grant {permission java.security.AllPermission;};)
Any help will be appreciated.I've come back to this issue again (since I am moving code around to different systems again). Using linux I can use -Djava.rmi.server.codebase=file://$PWD/build/
Presumably there is a similar command in WIndows. -
How to create a java application & call it from a PDA via TELNET
Dear All,
My objective is to create a java application that's hosted on a server and called remotely from a PDA using TELNET.
I've created a java application using Eclipse & the jCurses library. Unfortunately, the jCurses API events and listener aren't enough and i wasn't able to achieve my target application functionality.
Can anyone advise a library other than jCurses that can help create a java application that can be called from a PDA via TELNET?
Is AWT an option ?
Thanks in advance for your support,
Best regards,
Lanauser10827661 wrote:
My objective is to create a java application that's hosted on a server and called remotely from a PDA using TELNET.
I've created a java application using Eclipse & the jCurses library. Unfortunately, the jCurses API events and listener aren't enough and i wasn't able to achieve my target application functionality.
Can anyone advise a library other than jCurses that can help create a java application that can be called from a PDA via TELNET?
Is AWT an option ?Your server side Java application can use a Java library that
creates a java.net.ServerSocket to listen for TCP connections from TELNET clients.
You do not need any graphics (jCurses or AWT) on the server side, telnet is a simple ascii protocol. -
I cant connect to my java application to oracle 11
i am posting my question after alot of research and alot of google stuff .
i have an oracle 11g 11.1.0.6.0 that is installed on my Laptop all i am trying to do is to connect my java application to the database
i am geting this exception : java.sql.SQLRecoverableException: IO Error: The Network Adapter could not establish the connection .
the listener is giving me an error as i show below .
i cant telnet the port also 1521 .
i couldnt connect also through sql developer .
the microsoft windows firewall is off .
the code that i am using to connect :
Connection con=null ;
try{
Class.forName("oracle.jdbc.driver.OracleDriver");
System.out.println("The driver has been loaded");
con=DriverManager.getConnection("jdbc:oracle:thin:@AMRO-PC:1521:XE", "aa" , "aa");
System.out.println("Connection was established");
catch (Exception e)
System.out.println(e.toString() );
}//catch
my tnsnames.ora is like this
XE =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = Amro-PC)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = XE)
the full stacktrace :
java.sql.SQLRecoverableException: IO Error: The Network Adapter could not establish the connection
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:458)
at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:546)
at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:236)
at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:521)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at Main.main(Main.java:31)
Caused by: oracle.net.ns.NetException: The Network Adapter could not establish the connection
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:392)
at oracle.net.resolver.AddrResolution.resolveAndExecute(AddrResolution.java:434)
at oracle.net.ns.NSProtocol.establishConnection(NSProtocol.java:687)
at oracle.net.ns.NSProtocol.connect(NSProtocol.java:247)
at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1102)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:320)
... 7 more
Caused by: java.net.UnknownHostException: //localhost
at java.net.Inet6AddressImpl.lookupAllHostAddr(Native Method)
at java.net.InetAddress$1.lookupAllHostAddr(Unknown Source)
at java.net.InetAddress.getAddressesFromNameService(Unknown Source)
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at oracle.net.nt.TcpNTAdapter.connect(TcpNTAdapter.java:117)
at oracle.net.nt.ConnOption.connect(ConnOption.java:133)
at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:370)
... 12 more
the listener.ora
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = D:\oracle\app\oracle\product\11.2.0\server)
(PROGRAM = extproc)
(SID_DESC =
(SID_NAME = CLRExtProc)
(ORACLE_HOME = D:\oracle\app\oracle\product\11.2.0\server)
(PROGRAM = extproc)
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1))
(ADDRESS = (PROTOCOL = TCP)(HOST = Amro-PC)(PORT = 1521))
DEFAULT_SERVICE_LISTENER = (XE)
it gives me an error when I try to start the listener through LSNCTRL that says :
Message 1070 not found; No message file for product=NETWORK, facility=TNSTNS-125
60: Message 12560 not found; No message file for product=NETWORK, facility=TNS
TNS-00530: Message 530 not found; No message file for product=NETWORK, facility
=TNS
And when I try to see the status of the Listener it says :
Message 1053 not found; No message file for product=NETWORK, facility=TNSTNS-125
41: Message 12541 not found; No message file for product=NETWORK, facility=TNS
TNS-12560: Message 12560 not found; No message file for product=NETWORK, facili
ty=TNS
TNS-00511: Message 511 not found; No message file for product=NETWORK, facilit
y=TNS
32-bit Windows Error: 61: Unknown error
So please can someone help me ?! Thanks in advance
Edited by: 913402 on Feb 9, 2012 12:10 AMYou put the machine name as the host name. I would put the (internal) network address of the laptop there and try again - and make sure that Oracle is actually listening on your internal network address in stead of only the localhost. Or are you running the java application on the same laptop? Then you can simply use 'localhost' as the host name.
Maybe you are looking for
-
Firefox will not start after an update, I cannot log in to Firefox in any manner.
Firefox does not work any more and every time I attempt to access it (even in Safe Mode) it displays the following message: Firefox.exe- Entry Point Not Found The procedure entry point JS_GetOperationLimit could not be located in the dynamic link lib
-
I only have one email account on my phone. It is a cox account and the default email account is of course cox. I've had some emails go out as a gmail account so when someone replies it goes to the gmail address instead of the cox address. These do
-
Add OWN property to the weblogic.properties
Hi. I tried to add my own property to the weblogic.properties. ERROR: "Found undeclared property" Is it at all possible? TIA,
-
Hey ppl, I do have a requirement in Oracle Alerts to get the email alert whenever an employee is created.. Now everything is working fine... But this alert works only for one particular BG... Even if i choose the Operaing Unit in Installation Tab, it
-
Pinch to zoom not working on safari
I have a 2012 macbook pro running mountain lion. when im on safari, my pinch to zoom gesture doesnt work. i can double tap and it will zoom in and out, but i really need the pinch to zoom gesture back. ive tried pinch to zoom on other apps like iphot