The moose likes JNLP and Web Start and the fly likes Security and JNLP Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JNLP and Web Start
Bookmark "Security and JNLP" Watch "Security and JNLP" New topic

Security and JNLP

madhu mundhra

Joined: Oct 07, 2010
Posts: 1
Hi.. I am using one application as a jar file runnning with help of JNLP, as database credentials are stored in jar file itself.. its not as secure.. let me know the best solution for this problem..

1) Convert application Swing components into Web application
2) Run application using applet
3) use some servlet to connect to database

Or I have other options ..?
Lester Burnham

Joined: Oct 14, 2008
Posts: 1337
Applets aren't any different from JNLP apps.

The usual solution would be to have the desktop app connect to a servlet via HTTP/HTTPS, and then the servlet would connect to the DB (and would return the results in the HTTP response).
Maneesh Godbole
Saloon Keeper

Joined: Jul 26, 2007
Posts: 10828

Welcome to the Ranch.

I would go with the application->servlet->DB route. Like Lester mentioned, there is no difference between JNLP apps and Applets, effectively its just a thick client.
However, if you use the servlet, you can store the DB credentials as a properties file under your WEB-INF on the server. In case you need to change the DB credentials or switch the DB, all you need to do is update the server side properties without having all the clients update their application.

[How to ask questions] [Donate a pint, save a life!] [Onff-turn it on!]
I agree. Here's the link:
subject: Security and JNLP
It's not a secret anymore!