3 messages in com.mysql.lists.javaRe: good authentication question| From | Sent On | Attachments |
|---|---|---|
| zuh...@iname.com | 08 Apr 2004 10:46 | |
| Jeff Newmiller | 08 Apr 2004 16:39 | |
| Dave Newton | 08 Apr 2004 20:50 |
| Subject: | Re: good authentication question |
|---|---|
| From: | Jeff Newmiller (jdne...@dcn.davis.ca.us) |
| Date: | 04/08/2004 04:39:13 PM |
| List: | com.mysql.lists.java |
On Thu, 8 Apr 2004, zuh...@iname.com wrote:
hi,
my problem is (maybe) a basically question. how to get good authentication?
This mailing list probably isn't the right place to discuss this subject further... see below.
from the hoster of my homepage-in-planning i only get a user and password for the database.
i want to make a page, with which texts from another page could be translated. the server is resin, the translation is web-based.
Sounds like you are using the database from an application server (servlets?). The communication between the client (application server) and the database (mysql) is not secure, except that because they are both within your hosting server or its local network that should not be a problem.
how should i proceed, so that i have good authentication? as far as i know until now: i can ask for user & password, but if that would be transmitted securely depends on https or not.
True... and on whether the user's computer has not been compromised. But those discussions are not on-topic here, where the topic is communicating between java and mysql.
i think of setting users and rights in a (mysql) db-table (just to read texts, translate texts, administer users and db-tables). but how could i make this secure if at first i have only http-connections (with no security)?
Probably redirect to a secure page before accepting username/passwords.
sorry if this is a stupid question - but i can't see through the things until now.
any help/hint for a good design would be appreciated very much.
Note that in many implementations the user-to-application server authentication will be different than the application server-to-database authentication. However, that is up to you, and your choices may be influenced by the tools you use to build your application server.
--------------------------------------------------------------------------- Jeff Newmiller The ..... ..... Go Live... DCN:<jdne...@dcn.davis.ca.us> Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/Batteries O.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k
---------------------------------------------------------------------------