It's not a secret anymore!*
The moose likes JDBC and the fly likes Java and databases Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Databases » JDBC
Bookmark "Java and databases" Watch "Java and databases" New topic
Author

Java and databases

Bob Chad
Greenhorn

Joined: May 20, 2010
Posts: 19
Hello,

I have a general question about Java applets and databases
I have written an applet wich is on a web server and runs in a browser.
I would like to read information from a mysql database from the same web server.

I can read info from a local mysql database with jdbc connector no problem
But to read from a remote database, if I understand right, I need to :
Open the correct port (3306) on my firewall
configure mysql to accept remote connections

This a problem for people who don't have this port open

Is there an easy way of doing this ?
Why do php scripts who read mysql databases do not require all this ?
(because they run from the server ??? and an applet runs from the local machine ???)

Thanks for your help.
Siddhesh Deodhar
Ranch Hand

Joined: Mar 05, 2009
Posts: 117
an applet runs from the local machine ???)


True


Good, Better, Best, Don't take rest until, Good becomes Better, and Better becomes Best.
Sidd : (SCJP 6 [90%] )
Campbell Ritchie
Sheriff

Joined: Oct 13, 2005
Posts: 38062
    
  22
Welcome to the Ranch

I think this thread would sit better on another forum; I'll try our databases forum first, then it might move elsewhere later.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41149
    
  45
You'll also have to make sure that the DB is on the same server as the web server that serves the applet, or the applet won't be allowed to connect to it (unless it is signed).

But using JDBC in an applet is considered a security risk, since you need to open up the DB to the Net at large. The usual workaround (which also takes care of the problem mentioned above) is to run a small proxy server on the same machine that runs the web server; it would listen to requests from the applet, relay them to the DB, and send DB results back to the applet.


Ping & DNS - my free Android networking tools app
Bob Chad
Greenhorn

Joined: May 20, 2010
Posts: 19
Hi,
Thanks alot for your reply.
I understand the problem

The web server is a basic server, I don't know if they will do this for just for me.
I'll ask anyway

If I need to find a workaround, I had a few thoughts

- Can I run a server sql php script from the applet and read the variables returned ?
or have the scripts create a text file with my data and read it ?
- Or is there some other way to retrieve data from the database without directly accessing it ?

Thanks

David Lee Lambert
Greenhorn

Joined: Oct 02, 2006
Posts: 7
Ulf Dittmer wrote:But using JDBC in an applet is considered a security risk, since you need to open up the DB to the Net at large. The usual workaround (which also takes care of the problem mentioned above) is to run a small proxy server on the same machine that runs the web server; it would listen to requests from the applet, relay them to the DB, and send DB results back to the applet.


I'd say the "usual" workaround is to write one or more intermediate tiers in a server-side language (PHP, Java, whatever) and have the applet communicate to the next tier using RMI, SOAP, or some custom protocol. However, it's certainly possible to write a two-tier (client-server) system with an applet as the client and MySQL as the database server. I would even suggest that it can be made just as secure as and more maintainable than a comparable 3-tier solution, if the middle tier would otherwise be a simple pass-through of queries and results. However, it does require administrative control of the MySQL server to expose it to anyone who could run the applet; not all hosting services that provide "MySQL and PHP" hosting will allow that.

Of course, I wouldn't hard-code the MySQL root user's credentials into the applet code. I'd either create a special user for the applet with restricted privileges to only SELECT from the specific tables it needs (and possibly INSERT or UPDATE somewhere, if necessary), or make the user enter his MySQL username and password into the applet and have it connect over SSL.
David Newton
Author
Rancher

Joined: Sep 29, 2008
Posts: 12617

David Lee Lambert wrote:I would even suggest that it can be made just as secure as and more maintainable than a comparable 3-tier solution, if the middle tier would otherwise be a simple pass-through of queries and results.

I probably wouldn't; client code that's accessing a web service will almost always be simpler to maintain than anything going directly to the database, and exposing the functionality as a service allows more generic usage besides just an applet.
Bob Chad
Greenhorn

Joined: May 20, 2010
Posts: 19
Thanks for all this info

I got it working by creating a php script on the server that access the DB, running it from the applet and reading the result

I had a new tip for using JDBC, it's called SSH tunneling

I will investigate this and keep you posted
 
 
subject: Java and databases
 
Similar Threads
java.net.ConnectException: Connection refused: connect
expand java console
Sending data to an applet.
DSN on Linux Server
connecting to online SQL DB