I have a java swing desktop app that needs to connect to a remote mysql instance over jdbc. I was thinking of using Amazon RDS for this and creating a security group with an IP of 0.0.0.0 - effectively allowing all IPs to connect to the mysql instance.
I understand that there are security implications with this approach and we should ideal front a remote database with a web application. The desktop app should access the web application via rest/soap and then get access to the db behind it via services exposed by the web app.
Now that's a lot of work. Since I already have the desktop app connecting to a local DB. I just want to move the DB over onto the cloud so that a user can access the same DB from any other system where the same java swing app is installed.
Could someone help me by listing out the security implications on exposing an Amazon RDS DB out on the internet like this?
Also, more importantly, are there any ways of eliminating these risks? Such as SSH Tunneling for example?
The best method is the SSH Tunneling using the KEY that generates by Amazon.
You can also open an ip with the mask IP of 23.43.65.0/24 and also create a VPN with your desktop and Amazon.
I know that when I leave a DB open to the world, which I don't normally do, 24 hours a day, 7 days a week automated process keep trying to login in about 10-15 times per second, all day, every day guessing user names and passwords.
If you go this route, which I don't recommend, better make sure your passwords are very, very hard to guess and if you can rename the built-in accounts to something other than 'admin' or 'administrator' all the better.
Related
I am just a beginner in android app development and that's why I have many doubts. I am building one application where the user enters some data in editText. Now I want to save that data in my database. My database is running on my laptop. How would my app connect to the database? Do I need a web server in between? If yes then which web server is used for Android apps? Basically, i want to know the flow of data from app to the database.
Study more from Udacity.com, its free.
You may use a jdbc Connector to connect to database.
Connect your jdbc connector over local network ip\servername and database connection string
You can use REST Service when it comes to web Service on Android like this. You can either pass the values as parameters or an Object depending on your requirement. All the best
Wamp server is best option to play with server related utilities.You can use it even if you are offline. and it provides various option for data storage. It Mainly uses MySql and PHP scripts for fast performance.
For More details Click Here
I have a MySQL database installed in my Amazon AWS instance (not RDS). The same database is installed in a personal computer, offline.
You have to connect to the amazon database via SSH, it is in a Ubuntu instance.
The online database contains information of 1000 users. The offline versions contain information only for that particular user.
Users use a Java desktop application to feed data into the local database. When they click on the Sync button, the 2 databases should be synced. Remember here that the desktop offline database should "upload" the newly inserted things to the online database while it should "download" new data (if any) related only to the particular user .
The system cannot be a manual way where someone manually turn on a 3rd party application, use putty or connect SSH, configure the databases etc and sync. The system should be embedded to the desktop java application.
I looked into things like SymmetricDS and it is too much complicated, not sure about the SSH access too.
Any idea about how to do this in an easy way? I am also creating a REST API thinking I can handle this manually, but if there is already built system/API I am onto it.
This is very simple and doable. Just use MySQL replication.
MySQL replication
Let me know if you want any further details. I can give you working model of my.cnf as well if required.
Br//
I have a desktop application and it makes use of JDBC. I have no problem with JDBC whenever I use localhost. Now, I am to connect to a server that does not allow remote connection. I was advised to provide a web service to serve as a gateway between my application and the database.
An alternative solution I can think of is, to look for a mysql server that allows remote connection. I find it difficult to look for tutorials where I can clearly understand web services in java. I've done some research and I was told I could use PHP to write a web service and generate JSON file, then I could parse it in java. But If I do that, all my JDBC codes have to be recoded/removed.
Is it possible to connect to the database remotely without having my JDBC codes removed? Or can I incorporate Tomcat with JDBC? Thank you!
Here's what I get..
Exception in thread "main" com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
Caused by: java.net.ConnectException: Connection timed out: connect
Your questions seems to be leading to an architecture similar to this:
But unlike what your question suggests - the Server Side Module doesn't relay DB queries from the desk-top application to the database - it acts as a server to your desktop application which becomes a client application.
This means re-architecturing (not a real word I think) of your application - but a common best practice. The server side module is responsible for authenticating and authorizing your users to ensure that no one can perform malicious activities on the database.
There is no short answer here - you need to consider if this is the direction you want to go with.
An alternative as others suggested is to allow direct access from the desktop application to the database via a firewall. I assume you are posting here since the people responsible for the database's integrity told you you shouldn't do that.
I think you don't need web service here. To address your issue, you can enable remote access in your MySQL server. Please follow the instruction which is available in this blog. If your MySQL server hosted in Windows environment please refer this document also.
After that update your JDBC URL with remote MySQL server domain or IP address.
To connect Database with web services is higly not recomandable.
Think this way web services is having input/output pattern.
so you want fetch data from table1, with method1.
table2 with method2 etc...
so provide remote access for that database server this could be fine.
You can allow remote connections in MySQL. You're going to have to search for a guide for the specifics depending on the server it's running on (here's one for debian). Although if you don't trust the people running the application or the DB contains sensitive data I would strongly advise you not to do that and use the PHP instead as it introduces a lot of security issues. If it's only IP address that needs to connect at any one time you should only allow that IP address to connect, that will make the security vulnerabilities smaller.
There is nothing stopping you from accessing a remote database using JDBC apart from firewall rules. It is generally considered a bad practice to expose your db credentials over to client side - even if hardcoded in code. This is architecturally flawed approach and should not consider for more than school homework.
However, if you need the solution, you will have following options to look at:
1) Check for the ip address on which Mysql runs. It must not be localhost but a IP like 192.168.1.2, etc..
2) Check if the JDBC error is Authentication related, then you will need to add right permission to the user account. MySQL security model ties the username and the IP from where the user can login. You may need to correct those.
If both are correct, please post the exact exception which you are getting while using JDBC.
You don't have to use a web service. You can implement any form of client/server communication e.g. web services, REST, RMI, native sockets etc. It would be worthwhile to investigate these and determine which is most appropriate. However....
This strikes me as an architectural issue rather than an issue surrounding specific technologies. It sounds to me like you're being guided down the path of implementing some service that allows you not only to access the database, but provide a richer API. e.g. you don't want your client to insert into a table. You should provide an API to add to a shopping basket. i.e. you're working at a different level of abstraction (in the future you may implement your database in a completely different fashion and you don't want to change your clients).
The above is a standard pattern in the Java EE world and wider.
Sorry for the long explanation here but here goes:
As a personal project, I've toyed with making a server management tool for game server hosts.
All of the server hosts use MySQL servers and they're all separate servers.
So:
Is there a java IDE or java library I can use for creating a java desktop app that can communicate with MySQL databases?
More specifically: I need to have clients use a login form to specify the IP address, port, username and password. When they hit connect, the java application sends the login information to the server specified, authenticates and connects.
Then the user can execute T-SQL by simply clicking buttons on a form.
I'm looking for something similar to what I've recently achieved in C# with the MySQL connector for .NET.
But I can't find anything anywhere on something like this, is it just impossible or am I being an idiot? haha. Cheers guys.
To achieve login functionality providing you are going to use swing, use JXloginPane it contains all what you described out of the box. Regarding db, you can use JdbcTemplate
I am making an Android application. Since it is so simple, I first thought I could simply eliminate the need for Java application on the server which acts as a middleware. I tried directly connecting to the database using the JDBC driver for MySQL but my program is crashing so I'm not sure if Android "supports" the JDBC driver for MySQL.
So I am thinking of how to implement the application. Basically the application writes some data from a remote MySQL database and retrieves some data from a remote MySQL database.
Do I connect to a Java server program using sockets (or some other method of communication)? Or could I implement a direct connection to the MySQL database from the client application?
I tried directly connecting to the
database using the JDBC driver for
MySQL but my program is crashing so
I'm not sure if Android "supports" the
JDBC driver for MySQL.
Never never never use a database driver across an Internet connection, for any database, for any platform, for any client, anywhere. That goes double for mobile. Database drivers are designed for LAN operations and are not designed for flaky/intermittent connections or high latency.
Do I connect to a Java server program
using sockets (or some other method of
communication)?
It doesn't have to be Java. It just has to be something designed for use over the Internet. As Mr. King's comment suggests, Web services have been used for this for much of the past decade. For Android, REST Web services are probably the easiest to consume, since there is no built-in support for SOAP or XML-RPC. But whether the Web service is implemented in Java, or PHP, or Perl, or SNOBOL, is up to you.
Well, OK, perhaps SNOBOL won't be a viable option. :-)
I know this might be a little late but as I ran into the same problem with a project at school I wanted to share my solution with you as you might profit out of my experiences.
Android is bad for Database-Operations so creating a normal Database-Controller wasn't a thing. Instead I created a Server in Java which handles all Database-related stuff and can also be extended (in my case I used a Feedback-function, too).
The Github-REPO is: https://github.com/Cedced-Bro/Public-Server You can check it out and this is open-source so you can use and contribute to it if you have more ideas to it.
To answer your question more properly: I would strongly suggest to NOT grant all users direct access to your DB as you can run into security issues with malicious users. This was the reason why I created this controller in the first place instead of just a PHP "forwarding"-server.