stackoom
  简体   繁体   中英

PostgreSQL secure connection in standalone java application

 原文  2013-02-04 18:25:09       java/ security/ postgresql

Question

I'm creating standalone application (GUI-based on Swing). It will be like password holder (eg login / passwords for user specified sites)

It connects to remote psql database. And connection to the database stores in db.properties files.

What I would like:

  1. How could I 'hide' database connection from user who will unarchive my .jar package? (in worst case at least the password of the connecting user)
  2. Is there any way to prevent decompiling / debugging the file?

1 answers

solution1
 1 ACCPTED  2013-02-04 18:54:38

I recommend storing the DB credentials in an environment variable and having the source code read in the value.

This prevents having to store the credentials in source control or binaries but allows you to easily provision/change your secrets.

This has become a best practice included in "12 factor apps" and models the way Heroku and other hosting services manage application level config.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Creating Connection Pool In Standalone Java Application Disadvantages of static Connection object in Java standalone application Access Secure EJB on Glassfish from Standalone Java application get JDBC connection monitoring data in introscope for standalone springboot java application Java based Standalone application How to establish secure connection between java application and database? RMI connection in javafx standalone application secure imap connection in java Secure MySQL connection in Java? Creating secure java application
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM