cszawisza
12th November 2013, 20:24
Hi!
I'm developing an application that stores data about some items in database and I at the beginning it was designed only for me so I newer think about safety, but now I know that I need at least couple of users and a "user management system". The problem is the same as http://stackoverflow.com/questions/15489360/hiding-mysql-credentials-in-application
What I want to do is a TCP sniffer that checks if user and password send by client (at the beginning through TCP) are the same as in DB and then, sniffer will tell the client that it can connect to DB (using some user and password) and after that... Exactly what? How it should look like?
I think that the best way is to provide a whole API between client and server, but I have almost whole application, I don't want to redesign it.
Mayby there is another solution for this issue?
I'm developing an application that stores data about some items in database and I at the beginning it was designed only for me so I newer think about safety, but now I know that I need at least couple of users and a "user management system". The problem is the same as http://stackoverflow.com/questions/15489360/hiding-mysql-credentials-in-application
What I want to do is a TCP sniffer that checks if user and password send by client (at the beginning through TCP) are the same as in DB and then, sniffer will tell the client that it can connect to DB (using some user and password) and after that... Exactly what? How it should look like?
I think that the best way is to provide a whole API between client and server, but I have almost whole application, I don't want to redesign it.
Mayby there is another solution for this issue?