Securely connecting to database within a application

Securely connecting to database within a application

醉生梦死 发布于 2021-11-29 字数 1134 浏览 682 回复 1 原文

I have never developed an application outside my companies system where we just rely on windows authentication from our domain, but I want to learn how to develop a secure application that I can connect to a remote database.

I know it is easier if I use ASP .Net because the data connections will be on server side, but I want to have a WPF application as well for administrative tasks.

Here is what i can think of for securely connecting to a database:

First have a SSL connection to the database always, have a default user/pass that is clear text in the config file of the program where it's only access is to a login procedure on the database where the user puts in there database credentials and the default user/pass will be connected to the db and pass the credentials that the user presented.

The procedure will then pass back a pair of credentials user/pass that the application will use for the remainder of the user logged in session. Is this a good way of approaching the issue? and also should I consider using a web service of WCF as the interface instead of direct connection?

如果你对这篇文章有疑问,欢迎到本站 社区 发帖提问或使用手Q扫描下方二维码加群参与讨论,获取更多帮助。



需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。


庆幸我还是我 2022-06-07 1 楼

Why that complex? Just let the user enter the database user name and password and then try to connect to the server using a SSL conection. The server already has a full featured user management system, so there is no need to create a new one if you only need access for a few people.