Reputation: 3
How to protect MySQL Data from decompilers?
I am creating an application that needs access to a MySQL Database. But I know that people are able to decompile Java code. I am wondering if there is a really secure way for me to connect to my database without it being accessed by decompilers?
Upvotes: 0
Views: 107
Answers (2)
Reputation:
In short: no. If you distribute an application which connects to a MySQL server, it will always be possible for users to decompile and/or debug your client application to extract the credentials the application uses to connect.
MySQL is primarily intended for use by a trusted server-side application. If you cannot fully trust your client application (and the users who have access to it!), do not allow the application to connect to your MySQL server. Instead, consider building an HTTP-based API (i.e, a web application) to allow your client software to perform appropriate operations on the database.
Upvotes: 4
Reputation: 502
In a JavaEE application you can store the data source in the application and configure the connection in your application server.
Is your application a standalone Java application that your users have access to but has access to the Internet? In that case you may consider isolating your data layer to another application stored elsewhere and accessible with a web service, for example.
Upvotes: 0
Related Questions
- How to protect compiled Java classes?
- How can I hide my database information in Java?
- Prevent SQL injection attacks in a Java program
- Java equivalent for PHP's mysql_real_escape_string()
- How to protect a MySQL database from unauthorized access and securely connect to it from a Java application
- How can I protect MySQL username and password from decompiling?
- Encrypt and decrypt text in MySQL (possibly with Java)
- How to protect sensitive data in MySQL?
- Securing database information inside Java application
- Securing a database from Java clients