Database driver problems from my applet's jar file help

[Flying Mullet]

Yeah, I know that only a small subset of the population here will be able to offer any help, but I'm bald from pulling my hair out and need all the help I can get.

I'm trying to set up an applet that will talk to a MySQL database. I have no problem connecting to the database as I'm developing the code ("un-jarred"), but when I create a jar file of my code to test through a web browser, I cannot connect to the database due to the usual ClassNotFoundException. I have included mysql-connector-java-3.1.12-bin.jar (the current driver) in the applet jar, but I don't know if I'm supposed to supply some info through an attribute to the applet tag to let it know that the jar contains the driver it needs or if I have to call the driver differently in my code.

Any ideas?

[bipper]

conn = DriverManager.getConnection("jdbc:mysql://" + hostname + "/" + database + "?useUnicode=true&characterEncoding=Big5", login, password);

It has been about a year since I have done anything like this. In fact, I don't think I have ever done it with an applet - only an application. I am poop.

[edit] Oh, I reread the question. No, to my knowlage there is not attribute needed in the applet tag. I can look into it some more. You use websphere, correct? are you importing using the import command attop your program?

Double check your archive poperty in your applet tag??

[edit 2]try this link: http://www.stardeveloper.com/article....html?tid=1647 It looks like this guy may have had similar issues, and his approach seems a lil haphazard - but I have nothing to test it on atm. Enjoy!

Bipper

[Flying Mullet]

I just got it figured out (with some help from sun's java forums.

Turns out that jars in jars are a very bad idea, as you have to write your own custom class loader to navigate the "multi-leveled" jars and find what you want.

As they say, the easiest solution is the best, and it was in this case too. All I have to do is include the extra jar file for the db driver in the applet tag and it works like a charm:

<APPLET CODE="main.TheGameApplet" archive="signedthisisthegame.jar, mysql-connector-java-3.1.12-bin.jar" WIDTH="1000" HEIGHT="600"></APPLET>

[bipper]

tehsex. congrats mulley

[Samuraid]

Just as a sidenote, is connecting to a database through a jar file really secure? Because if you do put something like that on the web, I'm going to be forced to download and unzip all your jars, and decompile the classes back to the source to see if the database is able to be hacked.

[bipper]

not really - thus another footnote on my hate for java. Feel the hate

[Dr Unne]

Just as a sidenote, is connecting to a database through a jar file really secure? Because if you do put something like that on the web, I'm going to be forced to download and unzip all your jars, and decompile the classes back to the source to see if the database is able to be hacked.

I was going to ask this, but I didn't want to hijack the thread. I can't see how it's at all secure. Can you encrypt a jar file?

A Java applet has to be run client-side, so you're guaranteed to be sending the scripts to the client. I've had to decompile bytecode back into Java before and it's fairly trivial (good thing it's possible, I almost lost a group assignment in a robotics course in college).

You could have a Java daemon sitting on the server that sends data out to clients. Then you could at least be sure to control the nature of the data that's being sent and avoid letting any client in the world talk to your SQL server, and since the daemon is running server-side you can keep your SQL login scripts out of DocumentRoot so no one can get at it. But then you have to rely on the security of your own daemon not to go whoring out your database to people. I'd rather rely on the security of Apache than on anything I write myself.

[bipper]

I actually relly straight on files structure modes for my security. It's what universal hackers want anyways. Comp the file struct, and whammo - who cares what precautions you tried to take (to a point ) Straight XML writing, FS management, and user management for me! kthx Java's own applet security structure prevenets this from being any real use.

Bipper

[Flying Mullet]

Yes, I've actually been wrestling with these thoughts myself for a while now. It all started as a way to practice applets and learn AWT/Swing. Once I realized the security risks I decided to see if I could find out a way to prevent "malicious use" of the database but since it's client side code it's near impossible to prevent.

Nothing like a near impossible challenge, eh?

[bipper]

I went through the same thing. I released a 2d mmo named Nhaven for about 6 months, but the holes in security were far too many. I then dropped Java and began to loathe it from there on. That is when I became my own Cvangelist and have been studying the least hackable methods to save server side data while dealing with a Server/client relationship. From what I have found - databases do the oposite of help. Unfortunatly, coorps and comunities are lazy, and look for the easy way out. this is going to lead to a plethora of hack crimes and complete information anarchy in the future imo. But whatever ...

Its all about games with me.

bipper

[Samuraid]

A JAR file is simply a PK zip file. Even if you found some way to password protect it, breaking that protection would be relatively straightforward.