Helllo!
I'm working on a user information tracker that will allow users to write data to their profile through it's web interface and with a Java Application for wireless devices.
My the issue is the Java app, how do I let public applications access a mySQL database securely?
I can't just distribute my login details in a configuration file or executable like that. My feeling is that I would have to create database accounts for each user with very specific permissions on their own rows and tables, but I can't automate db user creation on my shared hosting plan, so thats out.
My other idea was some sort of secure interface that just authenticates with the user's account password (same way the web interface would), perhaps just some php scripts which return specific data sets to the application. I'm really just interested in what kind of approaches others would take in this situation.
Thanks!