locked
Silverlight connection to MySQL database with authentication RRS feed

  • Question

  • Hello, friends. Help, please, to me. I tortured... honest... I found a lot of information about <subject>, but I cant understand it. I am the the beginner (in develompent of business applications), and very much want to understand this environment.

    Genereally so: I have an application (actually it is empty application) with the simple "Login"&"Password" form. Let's allow there is an MySQL server with a database. In it there are tabkes... well let table "Users" (with the list of all users, their logins and passwords (passwords I will probable enconde in MD5) - after all it is necessary to authenticate the user?) and the tables with different information. I want to create the application which will settle down on a hosting (on the same where also exist a DB), that is the standard web SL application, and, after check of reliability of the entered login and the password, application gives the content to user.

    In this regard, there is a row of questions concerning safety of connection with a DB and appendices as a whole. I see it so - the DB has (at least) 3 accounts - conditionally let there will be "quest" (has access only readying only for the table "Users" with logins and passwords), account "User" (has access on reading other tables), and account "Admin" (has access on reading and writting any table). Originally there is a connection my SL application with MySQL database under account "quest" for checking entered login and password  (QUESTION: password and login for connection with database under "guest" (and other accounts), probably, sould be stored in the application code. Is it safe? After all, the application can be downloaded from the server (HTML code), and, then, can be hacked. Please, advise to me, how here it is better to organize this question?), further, after check on compliance of login and the password, the program creates new connection with a DB according to user or admin account. This is an idea of main work apllication.

    Plus (though it is a minus), I at all don't represent HOW competently to make connection with a DB. Handles? By any component? Please, advise safe options.

    Now - authentification service. Whether it is necessary to me and how it to use here?

    So, I ask you to prompt me the following:
    1. Authentification service. Whether it is necessary to me and if yes, that as it to use here?
    2. Where it is safe to store (and in what look) login and password information for connection with a DB?
    3. How it is most correct and safe to make connection with a DB?

    Well, and, your recommendations about an occasion of my view of application work. Probably, it is necessary to do something differently? I don't ask to write me all code (I want to make my own), I ask to help to deal with the organization of the such appendix. Though, any pieces of a code could and come in handy. Generally here so...

    P.S. my english is not best, so some expressions may not look correct. Hope for a good answers and advices.

    Thursday, October 4, 2012 7:58 AM

Answers

  • You will have to create WCF services (hosted on server) that talk to the DB (MySQL in your case). Your Silverlight app will talk to WCF through secure protocol (https) to safeguard passing credentials from client to server. I hope this will get you started in the right direction....

     

    Friday, October 5, 2012 2:16 AM

All replies

  • You will have to create WCF services (hosted on server) that talk to the DB (MySQL in your case). Your Silverlight app will talk to WCF through secure protocol (https) to safeguard passing credentials from client to server. I hope this will get you started in the right direction....

     

    Friday, October 5, 2012 2:16 AM
  • Well, it's good idea, but... I need to buy a certificate for using https protocol... Anyway, thank you for reply, I will wait some more time for any other replies.

    Friday, October 5, 2012 3:12 AM