Hoping someone can set me straight on what exactly a Servlet is. I have a basic website i'm making for work, more of a hobby that anything else. I have log system setup with mysql and PHP utilizing XAMP for now. I have a calendar app in java that I was using jdbc:mysql to connect directly to the database. works perfectly. Then it occurred to me all my passwords are floating around in this jar.
So instead I tried java URLConnection posting to a PHP page and reading XMLechos. It will only work once then i get a premature end of file error.
So my question is..
Should I try and learn more about PHP, XML and URLConnection and get that to work or is there a better way?
Should I create another java program as a Servlet and use that?
How is a servlet anymore safe, can someone download my Servlet to get db connection info? (i understand they won't be downloading it to use the "calendar")
Please can someone outline the proper interaction to keep the database secure. Its not sensitive data anyway but i'd like to learn the correct way if i can help it
ps I have about a month of programming experience under my belt so be gentle!
Hi, thanks for the replys sorry I was so unclear. My old setup that worked was a jar file that had 3 classes one of the classes had my mysql connection info in it. this jar would be used as a "calendar" for the client but hosted on my server. Is my login info safe in that jar? Couldnt they access the source to get the connection info if it was hard coded in? IE not passed in as a variable. What is the best approach to fix that issue?
I decided I needed a servlet instead so that the servlet would contain connection info and it wouldnt ever be passed to the user, just accessed by the "calendar". The servlet currently isn't a java jar it is just a .php file that accepts posts from the calendar, runs a sql query and generates a xml file. The xml is read by the calendar applet. (works once, and only once.)
Can a php file act in the manner i'm attempting or do I need a java based class extending servlet?
I'll post any of the code as soon as I get home, i'm at work atm and can't get to it all. I really looking for a explanation of the process I need to implement, and the safely of my connection info. I don't mind googling how to do it all after I'm set on the right path. Thanks again!
Jeremee Mccann wrote:Is my login info safe in that jar?
Again, the Java code stays on the server.
Couldnt they access the source to get the connection info if it was hard coded in?
No. Not unless they can log into your server, in which case all bets are off. Are you giving them ssh access? No. So, no.
Joined: Nov 03, 2013
Thank you so much for clearing that up. Servlet seemed kind of overkill for a very simple website.