I am creating an API to create an entry in my database. (Hibernating)
I have created a class that monitors the individual tables. I exported it in a jar (called jar 1) (containing class and .hbm.xml files).
Now I am creating API (which includes Jar 1) so that end users can update my database.
I exported the API to a jar (called jar2).
The end user must now include Zar 2 to access the API. But as Jar 2 uses Jar 1, I
Is there a security problem (database) here as I am providing them with a database class file and .hbm.xml files? If so, how can I avoid it?
I am using Java, Hibernate 4 and Eclipse (IDE)
All "Direct-Access-to-Database" applications (not just for Java) have security issues that you must provide to the client workstation with your database login configuration. There is no way to solve it, except that by going to a three-level application. In other words, you can not access the user for your database.
For each installation (or their group), the separate database login user / password must be set and correct run these databases only with you Tuning your database server security to allow the minimum security privileges required for.
No comments:
Post a Comment