×

Loading...
Ad by
  • 最优利率和cashback可以申请特批,好信用好收入offer更好。请点链接扫码加微信咨询,Scotiabank -- Nick Zhang 6478812600。
Ad by
  • 最优利率和cashback可以申请特批,好信用好收入offer更好。请点链接扫码加微信咨询,Scotiabank -- Nick Zhang 6478812600。

@Las Vegas

My previous experience with Sybase and applet

sailor(Sailor)
I don't know how to answer your question, but I can share my similar experience with you.

2 years ago I was working on a Java applet project, the database is Sybase. As the java bytecode is not a pure-compiled code, it's unsafe to put the userid and password of the database in the java code. But with JDBC you have to.

The final solution is I set a privillege protection on the database with carefully designed mechanism. I use table privillege and stored procedure.

In that case, even someone get the userid and password, he still cannot access the protected data in the database.
(#12438@0)
Last Updated: 2000-10-29
This post has been archived. It cannot be replied.
Report

Replies, comments and Discussions:

  • 工作学习 / IT技术讨论 / Jabber,and other Java Gurus please give some suggestion -lsc(Kantata); 2000-10-29 {319} (#12415@0)
    Hi, I am designing a project with C/S architecture using RMI. I need to consider a secure communication and authentication
    between client and server. I do not know much about RMI security. I want to know if there is some security mechanism I can directly depend on, or with few application level programming?

    Thanks
    • My previous experience with Sybase and applet -sailor(Sailor); 2000-10-29 {599} (#12438@0)
      I don't know how to answer your question, but I can share my similar experience with you.

      2 years ago I was working on a Java applet project, the database is Sybase. As the java bytecode is not a pure-compiled code, it's unsafe to put the userid and password of the database in the java code. But with JDBC you have to.

      The final solution is I set a privillege protection on the database with carefully designed mechanism. I use table privillege and stored procedure.

      In that case, even someone get the userid and password, he still cannot access the protected data in the database.
      • thanks, sailor, your experience is valuable to my project... -lsc(Kantata); 2000-10-30 {238} (#12546@0)
        thanks, sailor, your experience is valuable to my project. I want to know more detail about table privillge and stored procedure, is it product specific or general solution? since we would not bind our project on certain database product.
        • About privilege control of database. -sailor(Sailor); 2000-10-31 {481} (#12694@0)
          For those database system from big vendors like Sybase, you can set the security privilege for tables, records, columns. You can set any of them as readonly, not-accessable, etc.

          You may also set privilege for stored procedures.

          With the combination of all these security methods, you may define a security mechanism to protect your data and system. If you haven't touch this topic before, I suggest you to study the manual of the database product.

          Hope it's helpful.
          • thank you, Sailor -lsc(Kantata); 2000-11-1 (#12778@0)
    • If your project is not connected to Internet, RMI is good enough. -jabber(jabber); 2000-10-30 {430} (#12529@0)
      If your project is connected to Internet, go on with RMI. At the final stage, use SSL to encrypt your communication. As for authentication, it is not a probelm that can be solved by using some protocol. If your business is extremely important,
      have your boss negotiate with Verisign oor list like to get certificates. Authentication based on certificates are most serious way to authenticate the partners in communications.
      • need I use socket factory when using ssl, Jabber?could explain more about it? At the same time, I will try to learn more about RMI security. -lsc(Kantata); 2000-10-30 (#12545@0)
        • It depends upon what server you use -jabber(jabber); 2000-10-31 {266} (#12560@0)
          If you use Apache, you just need do some configuration work. http and https listen at different number. If you use other servers, I don't have an idea how to implement ssl.
          Anyway, it is not difficult to apply ssl. But SSL can encrypt your communications only.
          • Thank you, Jabber -lsc(Kantata); 2000-11-1 (#12779@0)

More Topics

  • 看大家讨论日语,俺也正在认真学习。其实语言问题应该是很快也很容易就解决的,可能比自动驾驶来的还快。TREK里面,全宇宙的人都在大脑里安装了UNIVERSAL TRANSLATOR,外星人之间相互交流无障碍。废话少说,看视频。。。加上个MIC和耳机,不同国家的人就可以无障碍交流。
  • 肉脸真有搞 IT 的?Linux 把俄国中国伊朗踢出去了好像肉脸 IT 没啥感觉似的
  • 请问web developer和software developer技术上有什么区别?
  • Elon Musk 带着川普总统奔向火星了。
  • 扔硬币的实验研究
    • 枫下论坛主坛工作学习IT技术讨论