How to use Java applet to communicate with database safely

I have written web applications in PHP for a long time I always store my database connection information in configuration variables and connect to the database in this way

Customers want their website's Java applet to communicate with their database I'm very hesitant about this because the applet will be public. I'm not sure how to store database connection information

I'm a little paranoid. Someone will decompile my application or find some ways to extract my database connection information and use it maliciously

Any suggestions on how to do this safely?

Solution

Just to clarify, you're not too worried about the connection being "overheard". You're worried that someone might crack your applet and pull out the database connection details, right?

Well, I might not let it connect directly, but let it talk to a web application that returns data in JSON / XML People can still get it from your applet if they really want it, but they are limited to web apps

If this does not float your ship, make sure that the database users used by the applet are limited to the operations it needs If it only extracts data, do not give it insert permission

If you are only writing, another option is to have a public database and a private database Write from your applet into the public database and synchronize after verification The problem with this is that you may lose some built-in checks and relationships unless you keep copies of all data in the public database - which may not be safe

Another option could be to provide each user with their own database users Then, if someone gets the applet without authorization, they still need an account to enter

I think building an intermediate web application may be your best choice, but I don't know the complete situation, so I'm not the best judge