I have already developed a JAVA SWING Application. I want to install this application in several computers which all have access to internet .
So where should I place my MYSQL Database ? All these computers should have the ability to access the same database via the internet.
It's not very common to allow access to a database directly over the internet for security (authentication authorization, encryption) and performance reasons. In most cases, you would create a web-based server application which can perform database operations, enforcing business, domain, and security rules. The client application makes calls over the internet (using REST calls, AJAX calls, or something proprietary), and gets the results back from the server.
In your case, since your client software is Java, you may want to research Java Servlets and run something lightweight like Tomcat as a serer.
Please see this page and this page for an explanation of client-server relationships.
Put your database in host that is accessable by Internet.
For each of the external ip addresses of each of the Applicaton host create a user on mysql.
GRANT ALL PRIVILEGES TO database.* to `user1`#`APPLICATION_HOST_IP` identified by 'PASSWORD';
Now user1 will have access from APPLICATION_HOST_IP IP.
Well the possibility is limitless.. You can place it on every computer that is accessible by the others. As long as you can acces the database via network it does not really matter where it is. But if the Computers with your client Swing are all connected in LAN, than store the DB on the computer with best Performance.
As a tip use the IP, and port dynamicaly from text or entry, so u do not recompile every time u change the IP.
Chiers!!
Related
I have a java application that I programmed, and I also created a Wampserver database to store the app's data. When I install the application in another computer, it basically can't do anything because wampserver isn't installed on that computer, and even if it was, the database wouldn't be imported on that same computer.
Can I install the database with the program itself, without making a database server in my computer? (For security reasons)
Sorry if this is a dumb question, im new to programming.
Assuming you are doing this in a Home/office environment. Where your IP Addresses do not change so often. Or you have the power to assign them statically.
You could try using a multi-threaded client server model. Where your wampserver computer(server) will accept a connection from another computer(client), and from there any queries to the database will be handled by that thread. This way, you could get away without installing wampserver on every client.
It would require some networking codes to be added to your java program. There are many examples on multi-threaded client server model -> Multithreading with client server program
You can open your MySQL server to the outside world or to certain IP (comment or edit bind value in your MySQL configuration file).
This can be a security issue. What is your objective? Usually, you'd do an API allowing access to your data from your application.
You are talking about "hosting" your database. You need to either:
Create, develop, and run a hosting service (not trivial), or
Pay to one the myriad of hosting services available, and install your database there (cheap these days). Just a couple of well known examples: Digital Ocean or Amazon Web Services.
In any case, it's a huge security risk to open your database to any client online.
Normally you write a program/application that accesses the database in the same [local] network, and that application serves web pages (or other web service) to the world.
sorry if this is a super easy question, but I have been googling a lot and I have failed to get a result.
I am looking for a way that I can either purchase or host so that I and others can connect remotely.
I have all my code working locally, but I would just like to know how to host for others to join.
There are many ways to provide a MySQL server instance that's accessible over the public internet.
For this to be secure, you'll need to use transport layer security (TLS) for the connections from JDBC clients to the server. Even when you do this you'll need to be vigilant about the security of your database.
If your users' data is sensitive, or needs protection against cybercriminals, this is probably a bad idea. (Sensitive data: personally identifiable information, payment/credit card data, health data, personal financial data). It's much safer to put MySQL instances behind solid firewalls, and use web services and/or web sites to grant access to the public internet.
You could run a virtual machine instance on AWS or some other cloud service provider, and put MySQL on it. AWS also offers a Relational Database managed service you could use.
You could use a GoDaddy style service, and enable remote access to your own MySQL instance on that service.
You could put a MySQL instance on a machine in the DMZ -- the publicly visible segment -- of your home or office network. Most home and small-office routers allow a particular port on a particular machine to be made visible to the public network.
Be careful, k?
I'm looking for a fix, but I'd gladly settle for an alternative.
Problem:
I am designing an application in Java, It's requirement is to once every night, sync to a server database. More than one laptop will be running this application, and from dynamic IP addresses.
I have created and restricted permissions to their SQL accounts from the cPanel interface (not from phpmyadmin, no grant privileges to do so).
I need to grant these restricted accounts Wildcard permission to allow the app to do it's work.
Neither myself nor the web-host re-seller have access to root or have grant permission. So i cannot allow selected users permissions to remote access.
I Can however, allow all users (which includes the unrestricted users), remote access from Wildcard IP address through the cPanel interface. I can remotely gain access through my Java program this way. However There are security concerns and so I don't want to use this option.
I have very little experience with web-hosting, if i managed to
transfer the domain to a different provider, could this alleviate my
grant problems?
Is it possible to query custom php and gain
access through Local permissions to return database contents? (sorry
almost no experience with php).
If i have no Root access, would
allowing wildcard on all users be that problematic?
_ _
Any thoughts or suggestions would be greatly appreciated.
P.S.
I realise this is very poorly structured and has more than one question. This problem seems to be unique, I haven't been able to find any specific information that fulfilled my needs.
Personally, I would not open your database to the internet. It's a security risk and also most hosts will block this anyway.
Your second option is the one I would go with, creating an API which runs on the server, authenticates the clients, and then exposes only the API to the internet (or, since you have control over the clients, maybe even only by VPN!), which then interacts with the database.
A backup plan would be VPN access to the server; if your client can VPN to the host network then you can allow your clients direct access to the database.
About your question 3, if you don't have root access you'll still either have permissions to edit users or not; being able to grant users permission (even with a wildcard host) is independent of being the root user, so you may or may not have this level of access and it's impossible to tell based only on your username alone.
I'm developing a Java Swing based app which uses JDBC to connect to a MySQL database. As such, the software directly remotely access the database from whichever computer it happens to be running on. Additionally, the app uses prepared statements to query the database and the database is hosted on a shared CPanel hosting account (if that matters).
The snippet of code I use to connect to the database is as follows (fairly standard connect code I think and all strings in all caps contain the correct contents):
String url = "jdbc:mysql://URL:PORT/DB_NAME?connectTimeout=3000";
Connection conn = DriverManager.getConnection(url, USERNAME, PASSWORD);
I have only ever successfully used the app from one IP. Before I use the app from an IP, I have to manually whitelist the IP by adding it as an allowed remote MySQL access host. If I don't add the IP as an allowed access host, the server refuses my connection and I get the resultant error:
com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
Then if I whitelist an IP and try to connect from it, I don't get that error and the app connects to the database properly.
This system would be okay if the app were only going to be used from one IP, but it needs to work from any IP since I cannot predict who will download and use it. The only solution I see would be to do a global whitelist of all IPs in the allowed MySQL access hosts area. However, that seems like it has many drawbacks, such as being insecure as anyone who has the correct password could log in (and would thus be susceptible to brute force attacks). This seems to corroborate the hypothesis that that method is insecure. Thus, I would like to have a system of communicating between the app and database that is IP-independent (doesn't require whitelisting all the IPs).
Additionally (I don't know if this makes sense or matters), but I believe some of the areas I expect the app to be used in block certain protocols. Thus, (I think) I would like it if the selected method of communication only used HTTP or some other widely-used protocol.
I did some research into this problem and my efforts led me to 2-tier and n-tier models of database communication. Perhaps I could do something like make a PHP page which accepts a statement and a series of parameters (plus a password to gain entry), executes the statement, and then returns the result back as JSON. However, this seems like another less-than-ideal method as it seems like it would also have security problems.
I'm sure someone more experienced and knowledgeable than I has already come across this problem and developed a solution.
Therefore, my question: What is the preferred method of connecting to a MySQL database from a Java app in an IP-independent way?
I greatly appreciate and thank you for your time.
You're on the right track:
1) If you want any arbitrary client to connect directly to your database, and the clients can have any arbitrary IP address ... then you're probably going to have to effectly disable IP security be whitelisting all possible client IP addresses.
2) On the other hand, if you only allow local access to mySql (by far the most common scenario), then you can create a web app to interface between your clients and mySql.
SUGGESTION:
Consider creating a "REST" web service that your clients can talk to.
Here's a good tutorial that might help you get started:
REST with Java (JAX-RS) using Jersey - Tutorial
Q: Does your Swing app really need to emit "raw SQL"? Or can it make "high level" queries? REST is ideally suited for the latter.
PS:
Here's another, short example that might help suggest some design alternatives with REST, mySQL and Java for you:
http://www.9lessons.info/2012/09/restful-web-services-api-using-java-and.html
You are up against the policies -- primarily the security policies -- of your hosting provider. It's generally considered insecure to allow port 3306 (MySQL) connections from the whole internet. It certainly lays your MySQL server open to trivial denial-of-service attacks. (It just takes some knucklehead controlling a botnet to send in lots of port 3306 connection attempts. They don't even have to be successful connection attempts.) If you're sharing your MySQL server with other customers of your hosting provider, they have every incentive to restrict your remote access to their server.
Most folks who build database applications for deployment on the public internet do it by providing web services to hit the database with the specific operations required by the application. The application deployed at the end-user's machine then uses HTTP (or HTTPS for security) to access those web services. In turn the web services access the database. That's what multitier operations do. You're right that there are security problems, but you can mitigate them with careful development of your web service code.
You could use SSH tunneling to handle your database access. The SSH suite of remote-access applications allows port forwarding. To use this, you would establish (authenticated and encrypted) ssh connections between your end-users' machines and your database machine, that forward port 3306. Then your users could connect to localhost:3306, and that net traffic would be forwarded to your database server. It's pretty flexible and quite secure, if not completely simple to configure.
You might also investigate using SQL Relay. It's generally used for connection pooling and management within a data center network, but it might work for this purpose.
Be careful opening up your MySQL server to the world! If you do that you may want to require the use of TLS encrypted conections.
I am making an application which have to be used in different pc's, and it has to share the same database. I have no idea how to do it. I am using the java as programming language and mysql as database. Please help me to do this task...
Use JDBC and connect all your app to one MySql DB Server
The way to talk to a database in Java is JDBC.
See http://download.oracle.com/javase/tutorial/jdbc/index.html for a good tutorial on how to use it.
On server-side you should create user which will be granted privileges to access your database from different foreign hosts:
GRANT ALL ON *.* TO 'someuser'#'somehost';
Read more here: http://dev.mysql.com/doc/refman/4.1/en/grant.html
On client-side you should configure database connection to use host where your database is installed. Read JDBC API reference for details.
Does a client-server model not work for you? If you have somewhere to host a server the normal method accomplishing something like this is to encapsulate your database behind the server and all clients connect to your server to exchange information.
You have a variety of options for communicating between the clients and the server:
Your server could be a simple web app where your clients all make URL calls to the server to accomplish various tasks. Implementing REST or SOAP would make the calls even easier if you're doing anything non-trivial.
RMI if your not going over the internet makes things really easy (you can get the basics of RMI in a few hours of reading).
Assuming you have the network connectivity, you can also just have each client make their own connection directly to the database. But only do this if you are on a safe intranet only.