使用Java JDBC连接Google Cloud SQL数据库的方法
[英]Connection methods to Google Cloud SQL Database with Java JDBC
问题描述
Currently, I have created a simple Java application that connects to my Google Cloud SQL database the normal way: 
目前,我已经创建了一个简单的Java应用程序,它以正常方式连接到我的Google Cloud SQL数据库:
try {
Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection("jdbc:mysql://-google-cloud-sql-ip:-port-/-projectname-","-user-","-password-");
Statement st = con.createStatement();
}
catch (Exception ex) {
ex.printStackTrace();
}
My only concern is that the password is placed here as plain text. 我唯一担心的是密码是以纯文本形式放在这里的。 It is not protected in any way. 它不受任何保护。 I do know that it is possible to protect the source code with something like yGuard . 我知道可以用yGuard之类的东西来保护源代码。 Also, I have to register my external IP address in Google Cloud for it to work. 此外,我必须在Google Cloud中注册我的外部IP地址才能使用。
Therefore, I was wondering if I could use some sort of OAuth method to make a database connection to the Cloud SQL database. 因此,我想知道是否可以使用某种OAuth方法建立与Cloud SQL数据库的数据库连接。 I'd prefer a connection method that is independent of my computer's physical location, so I can connect anywhere I want (if I have an internet connection). 我更喜欢一种独立于计算机物理位置的连接方法,所以我可以连接任何我想要的地方(如果我有互联网连接)。
Is there a better method than the one presented above, or is this the only way? 有没有比上面提到的方法更好的方法,还是这是唯一的方法? And if so, please let me know how to protect the plain text password. 如果是这样,请告诉我如何保护明文密码。
Any help is much appreciated! 任何帮助深表感谢!
1 个解决方案
解决方案1
2 已采纳 2015-06-01 21:08:54
It is not possible to use OAuth2 to authenticate connections to Cloud SQL. 无法使用OAuth2验证与Cloud SQL的连接。 You could use an OAuth2 authenticated API call to create a new, temporary username/password pair (and/or authorize an IP) and then use that to connect, however this does not add any extra safety over simply embedding credentials in your application. 您可以使用OAuth2经过身份验证的API调用来创建新的临时用户名/密码对(和/或授权IP),然后使用它进行连接,但这不会增加任何额外的安全性,只需在应用程序中嵌入凭据即可。
As Razvan suggests in his comment connecting directly to your Cloud SQL instance from your Android app is almost certainly going to be insecure. 正如Razvan在他的评论中建议的那样,从Android应用程序直接连接到您的Cloud SQL实例几乎肯定是不安全的。 Moreover it will be impossible for you to do schema changes in the future as you will have old versions of the app in the wild that you cannot control the upgrading of. 此外,您将来不可能进行架构更改,因为您将无法控制升级的旧版本应用程序。
Here are a few alternatives: 以下是一些替代方案:
- Use Firebase , which is designed for secure database use from mobile and javascript. 使用Firebase ,专为从移动设备和JavaScript使用安全数据库而设计。
- Develop your own database-backed API to serve your mobile app's needs. 开发自己的数据库支持的API,以满足您的移动应用程序的需求。 Each bit of data to be set or retrieved by your app can have a separate API call, which can do any authorization or validation you need before making the actual database call. 您的应用程序要设置或检索的每个数据位都可以有一个单独的API调用,可以在进行实际数据库调用之前执行所需的任何授权或验证。 You can use Google Cloud Endpoints to do much of this for you. 您可以使用Google Cloud Endpoints为您完成大部分工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.