I have a client server based application.
The server is PHP with MySQL, no big functionality, just for keeping my data and providing and administration interface.
The client is a Java (FX) application.
Unfortunately the connection between the client and server is not permanent, so I have to have a local copy of the database for the case the server if not accessible.
Most of the times the client only reads data from the database but there are a few cases when it needs to update it.
My question is: what is the better solution to keep up a local copy of a MySQL database and track changes (to be updated in MySQL next time it is available).
It is a complicator factor that I do not need the full database locally, it would be too large, I need only the user specific information (user is authenticated by local machine username)
Do you have any idea? :)
Thanks:
Levente
Related
I am stuck at this and search a lot about it but didn't find any solution.
I created software in Netbeans that is currently connected to the local database (localhost PHPMYADMIN), now I have a server. What I want to do is that, For example, when the user clicks on the save button data must save in the local database and then upload on the server (at the backend). I didn't want to save data at the same time on both server and local because its time taking and slow down the software performance.
I am trying to develop a desktop application to be run on local network. It has two UI. One for users to log in complaints and another one to process the complaints. Both of them are connected to a single database. Now i want to know weather i should use the JavaDB in embedded mode or network server mode to implement this and what is the difference between the two approaches.
In embedded mode the database code runs in the same process as the embedding application. The database files are locked, no other process can access the database files. This is the right choice if you have only one application with one user per database. The advantage over network mode is that there is no network traffic to access the database.
In network mode the database code runs in its own process (the database server). Client applications can access the database over the network. Several client applications can access the database at the same time. So this should be the right choice for you, because you have two different client applications accessing the database at the same time.
I have a Java application that sends user score to the mysql table. When the user is done, Java app accesses the .php file on server and the .php server performs a query on the database (inserting score).
I am concerned about the (in)security of this method. I mean, if someone finds out the direct url to the .php on a server, they can produce a lot of mess in the dabase. Can you advise how I could prevent the .php from executing the query other than accessed by the Java app?
edit: The problem is that Java application is NOT run on the server, it's run on the user computer using Java Web Launcher platform. So it's not an applet...
The problem is conceptual. You should never be sure that users can't find out the real address (security by obscurity). You could use SSL, still this is no means against a good guess.
Since the Java program is run on the client side, a .htaccess restricting access to a certain IP is also not an option.
My suggestion is to create a separate user in mysql, grant this user access only to necessary tables and perform the database queries on behalf of this user directly in Java. This way all data is encrypted (see http://dev.mysql.com/doc/refman/5.5/en/ssl-connections.html) and no URL/access point is exposed. Of course it means your MySQL server must be reachable from outside which poses a risk, too. You should have a good root password!
I want to create java desktop application, which stores it's data offline in a database (not just some config files). The application should work fine when the user is offline. When the user becomes online, the offline database should be able to sync with the online master.
Any ideas which technologies can be used to achieve this?
This has been discussed on stackoverflow a lot and it usually boils down to: don't roll out your own solution - This is a very specialized field - Look up SymmetricDS. It does what you want.
One of my fav discussions is Strategy for Offline/Online data synchronization
Use one of the available pure java DB implementations as a local DB. Use any other DB as a remote one.
Implement logic that tries to connect to remote DB and fall backs to local one on failure. If it connects successfully to remote DB implement the data synchronization.
When the local application operates, it should not only change database, but also log the changes. That changes are sent to the server when the connection is available. Also, the application receives logged changes stored on the server (from other application instances).
The main problem is how to merge changes made by different instances. There can be 3 variants:
1) Each application instance can modify only its private part of the whole database. Your are lucky, no merging needed, and server can store only logs and not run the whole database.
2) modifications always can be merged automatically (for example, application can add a value to a common variable, but cannot set it directly). The server runs the whole database, accepts partial logs from clients, generates its own log and sends it to clients.
3) Clients are allowed to do arbitrary modifications. This leads to potential conflicts. In case of conflicts, one of conflicting changes should be rejected. That means, that if a client made local modifications, that modifications can be rejected later by the server. The user interface must reflect this issue. In the rest, this is similar to the variant 2.
i am writing an application in java and i want to enable it to access a mysql remote server.
my problem is that if the application have the user name and password someone can take them and use my db with a different software.
is there a way of preventing it ?
UPDATE
i found this workaround for connecting to a remote MySQL database from an android device.
you put a service in the middle. like a php page that code the data in JSON format which the android app gets via http.
here is the example i found :
Connecting to MySQL database
Having the username and password is designed specifically to grant access to the database. That's the whole point.
You could go to some extra lengths like restricting database connectivity to specific hosts, so at least your paying customers get access to the database and no else can access it, but your customers might choose to use different software to access the database. There's no way around it except licensing terms.
What you could do is run an intermediary program on your own hardware that connects to the database and restrict access to the database to software that is under your direct administrative control. Your program would validate all requests from software under control of your customers and allow the queries that you want to allow and refuse (and log) the queries you do not have to allow. (You do not need to send raw SQL data back and forth -- you can do any amount of processing on the data and queries.)
You can setup JDBC Data Source on your application server. Here you can see example for Oracle Glassfish.
So, your credential won't be used in your code/resources.
If you are saying that you have an application trying to access a MySQL remotely (not in the same box), then i think you need not worry, as the connection that will be established by your application codes will not expose the username and password when it is trying to authenticate and authorize itself to the MySQL server.
You can limit the access to the MySQL-server so that only certain IP-addresses or IP-ranges have access to it.
As a side note, make sure that the user you use in your application only has the needed permissions to the database. For example, the user might not need to be able to create or delete tables. You can even specify permissions for the user on table and column level.