英文:
Is it possible to use PHP as a database call handler for my javafx app?
问题
我有一个JavaFX应用程序,我创建了一个并且它会调用MySQL数据库。不幸的是,如果查看JAR文件,数据库的用户名和密码是可见的。有没有办法让JavaFX应用程序连接到我在Web主机服务器上的一个PHP文件,以管理这些数据库调用和数据库连接,这样我就不需要在客户端存储凭据?或者在服务器端处理这个问题有更好的方法吗?也许可以使用一个API?
英文:
I have a javafx app that i created and it makes calls to the mysql database. Unfortunately the database username and password is viewable if you view the jar files. Is there a way to have the javafx app connect to a PHP file on my web host server to manage these database calls and database connection so I do not need to store the creds client side? Or is there a better way to handle this server side? Maybe an API?
答案1
得分: 0
确定首要事项是您希望使用您的Java应用程序读取/写入的数据。仅限于应用程序所需的数据。
其次,您为什么要担心揭示存储访问凭据?是因为有些数据不应该从Java应用程序中可见吗?
如果应用程序可以访问数据,那么应用程序的所有者就可以访问数据。这里没有其他选项。您在这里唯一能做的是限制每个应用程序对其数据的访问。这意味着每个应用程序都应该有其自己的凭据,这些凭据允许访问该应用程序的数据。
无论您是使用MySQL直接连接还是API,都需要一些访问凭据(数据库登录+密码或API令牌),或者根本没有凭据,但最后一种情况意味着每个人都将具有访问权限。
英文:
The first thing you should determine is the data that you want to read/write using your java application. Only that data that it needs.
The second is why do you beware of revealing storage access credentials? Is it because of data that shouldn't be visible from the java application?
If an application has access to data hance the owner of the application has access to data. No other options here. The only thing you can do here is to restrict access for each application to its data. It means that each application should have its own credentials which give access to that application's data.
It doesn't matter if you use either MySQL direct connection or API. In both cases, you have some access credentials (DB login+password or API token) or don't have credentials at all but the last one means everyone will have access.
专注分享java语言的经验与见解,让所有开发者获益!
评论