1

I have a server that has a mysql database. I want my client-side java application to query if the user is in the database (to give them access to the rest of the application). Ideally, I want my client-side app to communicate to a server-side app (same server where mysql db is stored) that will take this query, query the db and send the query results back to the client.

I understand this can be done using Java ServerSockets, and I think I have an idea on how to do this, but before I continue I'd like to know if there is a framework that already does this? Maybe something I can simply run on my server that will listen for these queries from clients and send the result to the client. Basically, does this solution already exist so that I do not have to build the application myself?

This is all new to me and I'd like to deploy this system as soon as possible. I know building it on my own will take a while (especially if I want it to be security conscious), so I'd like to save time where I can with pre-existing tools. Btw, I'm using an AWS EC2 VM running Ubuntu. I've already got the mysql db installed and running on localhost.

Any advice is welcomed,

Thanks

user577317
  • 53
  • 8
  • What if you create mysql users itself, with user access to specific schema, and then allow clients to make connections with their mysql userid-password? – Anand Vaidya Apr 05 '16 at 07:57
  • This is how most of the web applications work. You have a client side which communicates to an application on server side, which in turn queries database. This is too broad to be answered in single post. I suggest you to read more blogs about complete working of Java web applications. And yes, there are many frameworks to make your work easy. – Anmol Gupta Apr 05 '16 at 08:04
  • Looks like he doesnt want to use any web framework, that's where the problem comes from. – Anand Vaidya Apr 05 '16 at 08:13
  • @AnandVaidya this is definitely the simplest solution and I've thought about this. If I go this route, this would mean that the client-side app would contain a hard-coded userid and password so that it can connect to the db. Does this introduce security risks somehow? As in, since the user has access to this app could they somehow gain these credentials since they are just stored in strings? Also, this would mean that I would have to set up the db so that it listens for clients (as opposed to just localhost), correct? – user577317 Apr 05 '16 at 08:16
  • Of course this is a security risk! If your client means web browser, then anyone can view the source code of client side app and see your database credentials! – Anmol Gupta Apr 05 '16 at 08:20
  • @Anmol client means an executable jar running on a user's computer that he or she downloads. I'm worried that the user could use the strings command on linux against the jar to extract strings. – user577317 Apr 05 '16 at 08:27

2 Answers2

1

Try to read on how to use JDBC (note that JDBC is specific to the database system, so in your case, search for JDBC for MySQL )

PendingValue
  • 252
  • 1
  • 12
0

Just check out if this can be of your help. http://www.manageability.org/blog/stuff/jdbc-proxy-drivers/view

SSL-SQL-Proxy Server – The goal was to develop a server, that works as a proxy server, to forward SQL-Queries using SSL. The server was supposed to be mostly platform independent, and after some considerations, Java was the language of choice. The proxy-server accepts SSL-secured connections over TCP/IP, and reads the request using a specified protocol. Then the proxy-server uses a JDBC-Driver to connect to the database and forward the query, getting the result and transfer the result back to the client via SSL.

Anand Vaidya
  • 1,374
  • 11
  • 26