Maintaining a Secure MySQL connection
Question
I'm new to databases and all that stuff. Let's say I have an application that connects to a database to authenticate users. I have a table Students (the users) with their respective passwords. To connect to the database, in order to I need a MySQL connection that looks like this :
MySqlConnection("server=; database=; uid=; pwd=");
The problem is the fact that I need to hard-code the root password of the database in the application, therefore distributing the root password of the database to all users of the application. To me, it doesn't make sense ? Am I missing something ?
1 answers
solution1
0 2013-11-19 00:53:04
In general you have something like 'client server model'. The client (your c# app), connects to the server. The server then connects to the DB (and so only on the server side the user/pass is known).
client <-> server <-> mysql
I would say its bad practice to implement a db connection in the client. However, you could implement a per user database authorization. Meaning the client needs to enter (the mysql ) user/pass. But then you need to give the user certain 'rights' directly on the db. My guess is, you don't want that.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.