Welcome to the Java Programming Forums


The professional, friendly Java community. 21,500 members and growing!


The Java Programming Forums are a community of Java programmers from all around the World. Our members have a wide range of skills and they all have one thing in common: A passion to learn and code Java. We invite beginner Java programmers right through to Java professionals to post here and share your knowledge. Become a part of the community, help others, expand your knowledge of Java and enjoy talking with like minded people. Registration is quick and best of all free. We look forward to meeting you.


>> REGISTER NOW TO START POSTING


Members have full access to the forums. Advertisements are removed for registered users.

Results 1 to 2 of 2

Thread: Secure way for database calls between client-side and server-side in JAVA & Servlet?

  1. #1
    Junior Member
    Join Date
    Oct 2013
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Question Secure way for database calls between client-side and server-side in JAVA & Servlet?

    i am builds a java chat application , based on Java Secure Sockets and JavaFX and use Derby Database on the server side to record the members in the database ,

    My Question is , how i make a secure connection between the Client Side Applet and the Server Side ? instead of the direct connection to the remote database from the client side to the server side ?

    i had an idea to use Servlet as a Remote API , and calling it from the client side , and tell it the command to run it in the remote database on the server ?

    Is this method Safe and Secure ? but i am worry about that may a bad people try to fetch the API URL , and try to call it badly and add wrong records to the database without needs to login the client-side application and try to hack the database ? so how i secure my self from this matter ? with notice that the client-side Application may be installed in many computers , so don't tell me to secure the API by determine the remote IP which capable to connect via the API

    And if there are any other more secure methods please tell me

    Thank you ,


  2. #2
    Forum VIP
    Join Date
    Jul 2010
    Posts
    1,676
    Thanks
    25
    Thanked 329 Times in 305 Posts

    Default Re: Secure way for database calls between client-side and server-side in JAVA & Servlet?

    Well it depends on how your servlet interacts with your database. First of all, beware of designing it in a way which can leave you open to SQL-injection. Second, consider implementing some sort of user system, which requires a user and password authentication to interact with the api. Lastly, you could implement a client-side session which you can pass to your servlet during every command. The session variable could be sent to the servlet on client initialization, and kept until some period of inactivity has passed. Every command you send would contain the session, and the servlet would validate the session before doing anything.
    These aren't bullet-proof, but it would at least make hackers put some effort in if they want to do anything malicious.
    NOTE TO NEW PEOPLE LOOKING FOR HELP ON FORUM:

    When asking for help, please follow these guidelines to receive better and more prompt help:
    1. Put your code in Java Tags. To do this, put [highlight=java] before your code and [/highlight] after your code.
    2. Give full details of errors and provide us with as much information about the situation as possible.
    3. Give us an example of what the output should look like when done correctly.

    Join the Airline Management Simulation Game to manage your own airline against other users in a virtual recreation of the United States Airline Industry. For more details, visit: http://airlinegame.orgfree.com/

Similar Threads

  1. Replies: 13
    Last Post: August 12th, 2013, 11:20 AM
  2. How to make the output side by side. I need HELP!
    By JAVAHELPP in forum What's Wrong With My Code?
    Replies: 5
    Last Post: March 18th, 2013, 07:49 PM
  3. File transfer from Client to Server side
    By highlander141 in forum Java Networking
    Replies: 1
    Last Post: August 29th, 2012, 08:53 AM
  4. Replies: 3
    Last Post: September 8th, 2011, 04:42 AM
  5. InputStream Problem at Client Side
    By pavan in forum Web Frameworks
    Replies: 1
    Last Post: March 26th, 2010, 03:21 AM