How to avoid writing the MySQL database password explicitly in your code
I am creating a dynamic website that will query the MySQL database from the Apache Tomcat frontend. Although the database stores all user information with an encrypted password, it seems I still need to explicitly write the password (root or admin account) in java code to authenticate users. I feel that this is not very safe. What is the correct way to do this?
Thank!
source to share
Since you are working with an application / servlet server container like Tomcat, you can use the databsae connection data on the server and just get the connection from your application.
In Tomcat, you can set up JDBC connections in the context.xml file, where you install the connection driver, url, user password, and password. You also configure the link name for this connection. Ej:
<Resource name="jdbc/TestDB" auth="Container" type="javax.sql.DataSource"
maxActive="100" maxIdle="30" maxWait="10000"
username="javauser" password="javadude" driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://localhost:3306/javatest"/>
Later, you will add a reference to this server resource in your application's web.xml configuration file:
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<description>MySQL Test App</description>
<resource-ref>
<description>DB Connection</description>
<res-ref-name>jdbc/TestDB</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
</web-app>
Finally, you can now create connection objects referencing the resource name as a JNDI context:
Context initContext = new InitialContext();
Context envContext = (Context)initContext.lookup("java:/comp/env");
DataSource ds = (DataSource)envContext.lookup("jdbc/myoracle");
Connection conn = ds.getConnection();
Code taken from this Apache Tomcat Howto .
source to share
You will need to have an available password to connect to the database, and this goes for almost any application. It is for this reason that you use other layers of security so that people cannot use this password if they somehow discover it.
Typically, the database server is only secured to allow connections from the local computer it resides on, or possibly on a limited whitelist of other computers. If you do not use the same password for anything else, then anyone who steals it will no longer have access to your database than before, as they had to be on the server to use the password.
If someone managed to get to your server and can edit files, then the password no longer matters and with sufficient privileges they will not need it.
As AmazingDreams says, you usually read it from a config file, which provides one location to reference when downloading the app and setting up a database connection.
source to share
As others have said, it will need to be stored somewhere and usually the best place to do this is in the config file. It's also possible to set up MySQL password-less accounts (obviously not a good idea on a shared server or if you allow remote access to mysql or have publicly available tools like phpmyadmin).
You must also block the privileges of the user account you are using for your website and use another user for administration tasks. For example. if your website only needs to read data from multiple tables, only provide SELECT access to those tables. Typically, the user of the website does not need to access the DROP or EMPTY tables, or INSERT into the event type tables.
source to share
When I have to share code, I worry about that too. In php I use a simple approach that encodes the password with any simple function (like base64) and in the code instead of the actual password I write the encoded one and call the decode function somewhere. Security is not great if someone is really trying to figure it out, but good enough so that every casual bystander won't see your password. It's in php.
In Java, you can take the following approach.
- Create custom encoding and decoding functions.
- The encoding feature is not included in the project, you only use it once to encode your password.
- You can build a small library with just the custom decoding function and include it in your projects so no one will see the decoding logic.
In your code, you only write the encoded password and call the decode function, something like this:
public static final String PASSWD = DecodingHelper.decode ("THE_ENCODED_STRING");
source to share