在 java 桌面应用程序中安全地存储数据库密码的位置
[英]Where to store database password secure in java desktop application
问题描述
i was looking over the similarly questions but i didn't find the right answer and i think that there has to be some secure solution.
我正在查看类似的问题,但我没有找到正确的答案,我认为必须有一些安全的解决方案。
I have the client- server application.我有客户端-服务器应用程序。 The clients are connecting to the central MySQL database which is on server.客户端正在连接到服务器上的中央 MySQL 数据库。 My problem is how to secure store database password on client desktop application.我的问题是如何在客户端桌面应用程序上保护存储数据库密码。 For now i am storing it in crypt form in java properties file.现在我将它以加密形式存储在 java 属性文件中。 But properties files are readable and also after decompiling my application everybody can see which crypt function i use for encoding the password and can easily get the password.但是属性文件是可读的,并且在反编译我的应用程序后,每个人都可以看到我用于编码密码的 crypt function 并且可以轻松获取密码。 So i think that there is no way how to secure store the db password in client application, am I right?所以我认为没有办法在客户端应用程序中安全地存储数据库密码,对吗?
The solution can be that the client application will do some handshake with the server to get the database password, is there any rules or patterns how to do this handshake?解决方案可以是客户端应用程序将与服务器进行一些握手以获取数据库密码,是否有任何规则或模式如何进行此握手?
1 个解决方案
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.