23,402
社区成员
发帖
与我相关
我的任务
分享都说用javabean实现数据库连接比较安全,可是……
都说用javabean实现数据库连接比较安全,可是,当我用记事本打开后缀为class的文件时,还是可以清楚的看见数据库的用户名和密码。我的JSP运行环境是:Apache+resin+j2sdk+mysql。打开的内容如下:
漱壕 . h
1 2 3 4 5 6 7
8 9 : ; < =
1 >
?
@
A
B C
D E F G H I J K
@ H L M
@ N
@ O P sDBDriver Ljava/lang/String; sConnStr conn Ljava/sql/Connection; rs Ljava/sql/ResultSet; <init> ()V Code LineNumberTable Insert (Ljava/lang/String;)V Query ((Ljava/lang/String;)Ljava/sql/ResultSet; Delete
SourceFile
sql_data.java & ' com.mysql.jdbc.Driver `jdbc:mysql://localhost/data?user=dbuser&password=192168&useUnicode=true&characterEncoding=gb2312 ! " # $ % Q R S java/lang/ClassNotFoundException T U V java/lang/StringBuffer sql_data(): W X Y Z [ Z \ ] + ^ _ ` a b c d e f java/sql/SQLException sql_data.Insert: g - sql_data.Query: sql_data.Delete: mysqlconnection/sql_data java/lang/Object java/lang/Class forName %(Ljava/lang/String;)Ljava/lang/Class; java/lang/System err Ljava/io/PrintStream; append ,(Ljava/lang/String;)Ljava/lang/StringBuffer;
getMessage ()Ljava/lang/String; toString java/io/PrintStream println java/sql/DriverManager
getConnection )(Ljava/lang/String;)Ljava/sql/Connection; java/sql/Connection createStatement ()Ljava/sql/Statement; java/sql/Statement
executeUpdate (Ljava/lang/String;)I executeQuery ! ! " # $ % & ' ( F* * * * * * W #L
Y
+ " % ) *
" % B E * + ( y A** * M,+ W #M
Y , ) = @ , - ( M* ** * M*,+ #M
Y , * % ( ) " # & ' ( % ) ( , E - H . . + ( y A** * M,+ W #M
Y , ) 4 5 6 7 : = ; @ < / 0
漱壕 . h
1 2 3 4 5 6 7
8 9 : ; < =
1 >
?
@
A
B C
D E F G H I J K
@ H L M
@ N
@ O P sDBDriver Ljava/lang/String; sConnStr conn Ljava/sql/Connection; rs Ljava/sql/ResultSet; <init> ()V Code LineNumberTable Insert (Ljava/lang/String;)V Query ((Ljava/lang/String;)Ljava/sql/ResultSet; Delete
SourceFile
sql_data.java & ' com.mysql.jdbc.Driver `jdbc:mysql://localhost/data?user=dbuser&password=192168&useUnicode=true&characterEncoding=gb2312 ! " # $ % Q R S java/lang/ClassNotFoundException T U V java/lang/StringBuffer sql_data(): W X Y Z [ Z \ ] + ^ _ ` a b c d e f java/sql/SQLException sql_data.Insert: g - sql_data.Query: sql_data.Delete: mysqlconnection/sql_data java/lang/Object java/lang/Class forName %(Ljava/lang/String;)Ljava/lang/Class; java/lang/System err Ljava/io/PrintStream; append ,(Ljava/lang/String;)Ljava/lang/StringBuffer;
getMessage ()Ljava/lang/String; toString java/io/PrintStream println java/sql/DriverManager
getConnection )(Ljava/lang/String;)Ljava/sql/Connection; java/sql/Connection createStatement ()Ljava/sql/Statement; java/sql/Statement
executeUpdate (Ljava/lang/String;)I executeQuery ! ! " # $ % & ' ( F* * * * * * W #L
Y
+ " % ) *
" % B E * + ( y A** * M,+ W #M
Y , ) = @ , - ( M* ** * M*,+ #M
Y , * % ( ) " # & ' ( % ) ( , E - H . . + ( y A** * M,+ W #M
Y , ) 4 5 6 7 : = ; @ < / 0
...全文
请发表友善的回复…
发表回复
CTaoHero 2003-09-27
- 打赏
- 举报
谁会在JAVABEAN里面把用户名和密码写进去啊?你还能看见数据库的用户名和密码/晕!
pasband 2003-09-27
- 打赏
- 举报
晕,人家要是能在你的服务器用记事本打开class文件,那你还想要安全性?
fft123 2003-09-26
- 打赏
- 举报
jdbc:mysql://localhost/data?user=dbuser&password=192168&useUnicode=true&characterEncoding=gb2312
晕
没注意过这种问题
晕
没注意过这种问题
9731boy 2003-09-26
- 打赏
- 举报
呵.....如果你这个javabean能被其他人看到.那你的服务器就不安全了.
