We are in the process of developing a swing-applet based system that requires regular interaction with multiple databases residing on more than one database server.
The options available before us, as we evaluate are:
a. Use "signed" applets ( as this is going to be essentially an intra-net application) and use JDBC connection to connect to more than one database ( which reside on servers other than the web server).
b. Use applet - servlet communication - basically, the servlet would establish connection to the databases, directly or through EJB, retrieve necessary database information and pass on the objects to the applet - the front end GUI would be controlled by the applet.
c. Use RMI
We would like to have your perspective of the three options, with your experience in this line.
The questions that come to us are:
a. If the system is essentially an intra-net application, is it okay to design with "signed" applet mechanism - how far is this method common in the market and acceptable to the clients? Is it true that the signed applet would be able to establish connection to various "identified servers" that are allowed permissions in the security file?
b. Between applet-servlet and RMI, which is a better method? What should be the factors that need to be considered? Is RMI being widely used or should we be thinking in terms of EJB, eventhough the current project is purely a Java based solution.
Your input is highly appreciated - thanking in advance for any suggestions and inputs that you may provide.
you definitely don't want to do jdbc from an applet. one reason is that this may basically force you to do security at the database layer instead of at the application layer. another reason is that you may have sensative application logic in your applet that could be decompiled.
same issue with RMI from an applet. if you have to do applets as your frontend, definitely go with the applet-to-servlet-to-datastore think in one shape or another.
Previous Topic
