I am developing document management system as a web based application using java technologies. I have to prevent database access in any way except this app. None of way can not update any table on this system such as directy using a sql query. This kind of sample is SAP.
AS I guess, SAP company has a middle tier structure and there is not any way to manupulate any data. It allows only using SAP gui and transcations mechanish to alter, create or delete andy data.
My app has many user rights to do any thing on the system and I have to guarantee that data can not bu changed on database except this application.
What I want to do is this kind of architecture. Can you give me some idea, how can I achieve this for my application?
Thanks
You need to program two applications: A client application and a server application. The client application is installed on the users machine and communicates with the server application installed on a server. The server application then communicates with the backend database.
There are many possible ways to do this.
It's your decision how much business logic you want to have on the server and how much you want to have on the client. It can be anything between the server being not much more than a proxy for the database while the client does everything or a very thin client which is just a dumb GUI with the whole logic running on the server (that would be what SAP is doing).
There are also lots of options for communicating between client and server.
Listing all possible options would be too much for a single answer.
Related
So I have a Java Program that just runs in the windows console at the moment. When the program first starts, I want to have it go through a login prompt with a username & password. I’ve previously used a MySQL database to check if a username + password combo exists, and then allow that user to login. I know how to encrypt passwords and such when I compare them to the database info. However, when I did this, the MySQL login details were left in the code so that the program could connect to the database. This leaves a huge problem in that someone could decompile the program and find those login details, then use them to access the database.
So my question is, is there a way to access these logins using the program, WITHOUT exposing my database details to a snooping person. Is there a library out there that could accomplish this?
Yeah you can do it, But you need to re-architect your application.
You should separate you application into two different application.(In short: you have long way to go)
1- Client Application: Where your Java Application is interacting with the end user.
2- Server Application: Where your Application is interacting with your DataBase. This Application can talk to your Client through your network.
Note: keep in mind that, any application at client, can be decompiled. All traffic even any communication between client-server can be monitored.
There are many methods out there, to make the communication between the server and clients. The choice is yours, you can make your own one (Socket communication) or follow some standards like REST or SOAP.
If you want to use REST or SOAP, there are many ready framework and libraries available where Spring is one of them. Since you need to have Server Application(Ex: Rest Server), you need to run your server application in a container, where in this case, Tomcat is the most famous one in JAVA world.
But there is better way to Start ; you can make an Spring Boot Application for your Server app. Most of the libraries even your container is already embedded, and you only need to focus in your Application Logic. Once it's done, you just need to run a single jar file and your client can start talk to the server app, through network. The drawback is that you need to follow the spring boot standard.
You can also Secure your Rest API by Spring Security framework (Which is totally separate topic), but you can simplify it to, token exchange between your server-client for each REST call.
So in this scenario, let say someone decompile your client application, he would
see nothing but, some rest API links, which can not work without login and token.
Also keep in mid that you also need to Secure the communication between Server and Client Throw the Network by TLS.(Which is totally separate topic)
If you're giving out db access then deal with the side effects of that choice. I think mysql offers some kind of row level security option. Check the docs.
If you want some level of backend obfuscation then put it between your users and backend via REST or some other scheme.
I have an application implemented in JavaFX and it will be migrated to the web platform, but it will take some time for that.
Meanwhile, I am struggling with some problems regarding its uses. Some users need to launch the jar from a network drive because their machines do not have access to the the database. Only the drive where the jar is located has access to the database.
My doubt is whether running the jar from the allowed network drive will solve this problem. In addition, can JNLP be a solution for this ?
I'd appreciate any help about this.
Some users need to launch the jar from a network drive because their machines do not have access to the the database. Only the drive where the jar is located has access to the database. My doubt is whether running the jar from the allowed network drive will solve this problem.
It won't work directly.
JavaFX is a client technology, it runs on a client PC. If the client PC does not have direct access to a database, then neither does a JavaFX application running on that client PC.
In addition, can JNLP be a solution for this ?
No, not for direct access to the database from the client if this isn't permitted in your network architecture, you would need a middle tier in addition to the JNLP based client to accomplish this.
Discussion of some solutions to this problem
Typically, the architecture of what you are describing would be built as a multi-tier app.
A client tier, which is the the JavaFX application or HTML javascript application running on a client machine.
An application server tier which handles server logic.
A database tier which hosts the DBMS.
There is a reasonable high level overview of such an architecture here.
Often, nowadays, the application server will serve REST APIs of JSON data, which a HTML based JavaScript web application can easily consume. Such APIs are also easily consumed using JavaFX applications which embed a REST client. An application server services the REST APIs and communicates with a database over JPA or JDBC as appropriate. However, than are many alternate technologies for client/server communication, and you can choose whatever you feel is a good fit for your application, development style and organization.
Spring product specific discussion
As you state your preference to use Spring, consider a JavaFX SpringBoot application.
Spring also includes a technology called spring remoting for facilitating client/server access. Spring remoting provides for multiple communication technologies. I'd advise sticking to the straight HTTP REST based technologies rather than other techniques such as RMI or AMQP as a HTTP REST based back-end can also serve as the backend for a standard HTML/JavaScript webapp which you also mention may be an eventual target client for your application.
If using Spring on client and server, checkout Spring's AsyncRestTemplate, and invoke JavaFX's Platform.runLater API inside the success and failure callbacks of the rest template. Or, use a Spring RestTemplate and control calls to the server via JavaFX concurrency mechanisms. Not sure which would be best for you, possibly the standard RestTemplate wrapped in a JavaFX Task.
Doing this in the correct manner will allow your application UI to remain responsive while it performs network activity (not block the UI thread) and also ensure that you don't violate JavaFX thread rules (don't access controls or modify data bound to JavaFX scene controls off of the JavaFX application thread).
After several months of searching & reading, now i need your help, taking in consideration the following:
- My Application Developed using Java Swing.
- MySQL has been used as database.
- JDBC has been used to make the communication between the application & database.
- The application will run on network environment with multiple client will connect to database.
- The application use Financial transactions, Posting, Billing ... etc.
** now i want to develop a server side that will work as middle-ware, this server side will do the following:
- Connecting to the database to retrieve data as client request.
- Business logic will be on the server side.
- Client will not know about the database.
- Queries Syntax will be on the server side.
- The Client will View,Save,Edit, Cancel ... etc, sending these actions to the server side & server will response.
--- I have read about JFC, J2EE, EJB ... etc, but i don't want to run my application from browser, it will be kept as desktop application only due to the complexity of the application.
--- So i will do it using Sockets.
Any ideas, or tutorials that i can follow?
I suggest using a web-based approach to writing the back-end (e.g. a web service, either SOAP or Rest), and then communicating between the swing app and the back-end app via HTTP / HTTPS.
This is how mobile apps are typically written, and your swing desktop app is no different from a mobile app in this respect.
As far as frameworks for the back end, both Spring MVC and Grails make this pretty easy. Do yourself a huge favor and stay away from EJB unless you really need.it and understand why.
When you have 1-2 hours left, it might be worth to look at the Scout framework.
Scout seems to be a pretty good fit to your application context. Scout applications consist of a Scout server that handles access to web services (currently including support for JAX-WS) and database access over JDBC. The Scout client communicates via HTTP(S) with the Scout server and is available in the form of desktop clients (either supporting Swing or SWT) and as web application (currently based on Eclipse RAP). The web client also supports different renderings to optimize the application to desktop browser or mobile devices with touch support.
I am learning to program Java. My objective is to create client server application based on Java and MySQL.
That would have following.
Server Application where all admin controls would be available to configure.
server application will be the only to have access rights to MySQL.
Server will have all functions and objects that clients will require and call and get that functionality. (Reason for that is "I don't want to share MySQL credentials to client apps or rather i don't want MySQL credentials to be transmitted on the network to clients"). As it would increase maintenance tough and it could be a security loop hole.
An analogy of functionality could be: client calls to server telling to add an Order such addOrder(order_id, payment,..,...,..) and so on.
What are the method in practice for such kind of application these days? A example code/or material to get in right direction would suffice
These days the universal way to expose a service remotely is via a web service. This solution was preferred by the industry over time due to its simplicity and ease of integration to the point that binary based protocols like CORBA are now seldom used.
Take the example of Android applications, they are native application mostly using REST web services.
A REST web service can be easilly integrated in the same way with a desktop application, a mobile application or a web application, even if the clients are written in different native platforms and languages.
As sample code, have a look at tutorials on the Spring stack. For the server see this tutorial for building an hello word REST web service. For the client, consider the REST template.
For security, see this Spring security hello world example. Using the Spring stack in Java will likelly give you the largest number of tutorials and online support.
This sounds like a good place to use RMI, which Java has built in support for. RMI will allow your client to call server-side methods on a local object that corresponds to the server, where all messages/commands get transparently sent to the actual server, where you have your DB access stuff and logic.
My Current application working in network environment, each user run the application from their desktop to connect to the database server.
Since, the application dealing with many transaction that accrued from multiple station during working day, I would like to ensure there will be no confectionist within same record, since the data shared between all stations & each employee working on these records.
The application working as ERP solution there will be many kind of transaction for (Receipts, Payments, sales, purchases, etc).
For that I need to make sure there will be no transactions could be edited from two users at same time.
I searched the internet for solutions, what I understood:
- Applications deals with 3-tier will achieve this approach.
- Applications should run as client server using web server.
My Client: Java Desktop Application SE Thin Client.
My Server: MySQL Database server.
I don't want to go web application.
What i need to achieve this?
What is could be used to get functionality as 3-tier.
Replace Apache with Jetty which is an embeddable web server built with
java. Jetty can serve php pages if it's linked to the php executable.
MySQL is not a great option for this at all - if you need a portable
high powered solution use MongoDB which you can simply package and run
alongside your application.