Sometimes we deploy applications behind customer firewall and we need read only access to their DB for debugging issues as sometimes their IT people are not SQL savvy. We want to bundle our application with some web based application that will expose the database and allow us to fire adhoc SQL queries and show their output in HTML table. We dont want to write home grown code and we can bundle Java/JSP based applications.
Our backend is Oracle so we need a solution that can connect to oracle server and expose it over the web.
If you want the database behind a firewall, and believe me, you do want your database behind a firewall, see if you can have a VPN for going directly into the box. Once you are on the VPN, you can use whichever management tool you currently use for managing the database. So if you use SQL Server, you can connect via the VPN, and use Enterprise Manager to manage the database. Oracle probably has a similar tool, although I'm not that familiar. While having a VPN does incur an extra cost, it will probably make things many times easier.
phpMyAdmin is a good favourite if you're using MySQL. Its always a bit dangerous opening up an application like that if the db is intended to live behind a firewall, but as you say you could set it up ith a read-only account and possibly add extra layers of security on top like simple HTTP Basic auth.
Oracle Tool is a pretty decent oracle web front end. But so is enterprise manager.
Either way, you don't want your database open to the outside world in any way, either via some website or a listener or anything really.
The VPN solution is the way to go, just get VPN and then you can use whatever tools you normally use, if VPN is not an option then a simple firewall rule allowing just your IP's access would be ok, but not quite as nice as VPN.
On my current project, we use SQL Navigator in order to run queries on our Oracle database. I've also heard decent things about TOAD. I would advise against writing a web application just to run ad hoc SQL queries, because it seems to me that plenty of tools can support your debugging needs.
Related
I am intending to have a console on my web app so I can run queries directly from my browser. I can only find guides on how to connect the h2console to an in-memory DB instance. Is this possible? Security isn't an issue, this is strictly for testing purposes, only my ip address will be allowed to connect to the site (for now).
I think you are confusing some things here: h2 is an in-memory-database. There is NO persistent storage. MySQL is a proper RDBMS. I would not expect you to be able to connect to mysql through that interface.
If you just need to be able to execute queries from your web application, and it is not going to go public, simply create a page with a textarea, send that to the backend using JDBC. If I have misunderstood your question, please add additional details to it so we cn provide a better answer.
I'm developing a desktop application in JavaFX with login system and some data that must be saved in a remote database. The question is: What it's the best way to stablish a database connection with each user with the server? Should I use a RESTful API or connect to database using the remote host just like if it was a local DB?
What kind of data are you looking to manipulate? Depending on exactly how much control you may need over the information (and how secure it must be?) if you don't need an absolutely synchronized view of the information (re: the server side app having a persistent connection to the client which is informed on change events and such) it may be best to just build up a RESTful API to do all of your grunt work between the two.
If you're coming to the RESTful api and also have to design it I suggest giving this a good read. Best Practices for a Pragmatic RESTful API
I'm developping an Android application for offering and claiming certain items (sort of a market) for a course that mainly focusses on user-centered design and the UIs (which mostly means we have to quickly implement all the logic and management underneath).
It's my first application that effectively needs to be shipped. So now I wonder what are the best strategies and best decisions regarding the R DBMS (because this area seems a very dense forest for some newbies) ?
The application will not target >1000 users in total
Remotely accessible
Transactions and ACID properties need to be supported
SQL queries must be possible
Secondly the DMBS must be contacted remotely. So I wonder if there's a sort of plug and play (blackbox) solution available for setting up the backend (free/cheap, few implementations, ...).
scalability, availability and security aren't really issues (at the moment)
First you need to decide how the android devices will talk to the central database. Options, from easiest to hardest:
Direct JDBC connection (over TCP). Some networks might block direct TCP connections. No offline capability.
Tunnel JDBC over HTTP(S). No offline capability.
Run a local database on Android (Sqlite) and synchronize to remote database when can (allows for offline). See SymmetricDS.
Put REST API in front of remote database and use android's built-in syncing capability.
Second you need to decide how to segregate remote database data between users:
No segregation, users can do what they want to others data.
Database segregation, aka Row-Level Security
Application segregation (no segregation in database, but control segregation in say your REST API)
You need database segregation if choosing options A, B or C from question 1.
How many concurrent writers for remote database?
PostgreSQL is a great choice these days, but MariaDB might be a better choice if you require row-level security as it supports the WITH CHECK OPTION clause, which isn't coming in PostgreSQL until the summer.
Not entirely sure what you are specifically asking because you can get a lot of info just by googling a few things. But if you might want to look at couple of google options. I haven't tried all of these so grain of salt:
App Engine: https://cloud.google.com/developers/articles/how-to-build-mobile-app-with-app-engine-backend-tutorial
Google Drive: http://developer.android.com/google/play-services/drive.html
and more generally, storage options from the Android docs: http://developer.android.com/guide/topics/data/data-storage.html#netw
I have developed a Java database application that has been deployed to users via a web server. Now, all is good but it has been requested that some of our external clients would also like access to the software. Is there any way that I can make the application work for these clients? The application has been put on another web sever that is accessible for external users and also has visibility to our SQL server but the application is not working, it will load in the browser but users cannot login to the system which works by database authentication. Am I missing something simple here or is this something that can't be done. I would imagine the latter since I think the web start application downloads to users machines which would explain why you can only login when a VPN connection is active.
Any help on this matter would be greatly appreciated.
Most definitely your firewall blocks the connections to your database when they are initiated from the outside. This is a good thing because you generally don't want to expose a database to the Internet.
One hacky way to do it would be to implement some kind of JDBC over HTTP to tunnel the database requests. Basically you'd use a JDBC driver that redirects the SQL requests to a web server.
A better way would be to refactor your code (I presume that would be a lot of work though...)
If you manage to abstract the data access layer, you can replace it by something more suitable for a web access, for instance a Web Service.
Finally a drastic option is to transform your client/database application into a webapp.
I have an Apache Derby database that, until now, has always been locally accessed. It needs to be accessed by multiple computers now, so I feel it ought to have a username/password.
How do I take the existing database and retroactively add a user
How do I provide local/network authentication for that user?
I recall looking through their docs a few years ago, and it seem like there was a lot left to a developer to implement in these cases.
To clarify more, regarding point #1, this page says:
Attention: There is currently no way of changing the database owner once the database is created. This means that if you plan to run with SQL authorization enabled, you should make sure to create the database as the user you want to be the owner.
I think this means that I will probably have to create a new database with a named user, and migrate all date from the original single-user database to the new one. Is this correct? Is there an easier way?
Also regarding question number two, the manual says
Important: Derby's built-in authentication mechanism is suitable only for development and testing purposes. It is strongly recommended that production systems rely on an external directory service such as LDAP or a user-defined class for authentication.
Which, to me, says that the builtin authentication isn't worth using. There's no way we're going to go to an LDAP integration either, so is there something in-between these two that is worth using?
Since you mention you're going from a single-user environment to a multi-user environment, you're probably going to be setting up the Network Server, so you will have two levels of security to consider: database authentication, and network server authentication.
You probably want to start here: http://db.apache.org/derby/docs/10.8/adminguide/cadminapps49914.html
and here:
http://db.apache.org/derby/docs/10.8/devguide/cdevcsecure42374.html