Re: Secure access to database application
- From: Arne Vajhøj <arne@xxxxxxxxxx>
- Date: Sun, 10 Jun 2007 22:02:13 -0400
Peter Ashford wrote:
Just looking for a bit of advice. I have an muti-user application
that I'm developing that talks to an Oracle database. What's the best
way (or at least a good way!) of securing user + password access to
the program? I've currently got a user table in the database and I
fetch whether the login credentials match what's in that table - but I
log in as an admin user to the DB in order to fetch the user table, so
admin password is coded into the application - this is obviously
bad.
Ideas? I presume there's a standard way of doing these kinds of
things :o)
The best solution would be if each user got real database
usernames/passwords and simply connected with those.
The next best solution is probably if the initial connection
to check the access used a username/password that only gave
access to run some check & lookup code that are only available
for running not for viewing.
Arne
.
- References:
- Secure access to database application
- From: Peter Ashford
- Secure access to database application
- Prev by Date: Re: Java is slower than C++!
- Next by Date: Re: FamilyAndTwist.Com: News About Technology
- Previous by thread: Secure access to database application
- Next by thread: JSF, how to display CSV file?
- Index(es):
Relevant Pages
|
