Hide properties of database.jdbc.connection object

1 次查看(过去 30 天)
I have a tool that connects to an SQL database using a jdbc driver. This tool has a function that looks something like this:
function conn = connect_to_sql_database(username, password)
key = '';
% Connect to the SQL database
conn = database([ '<URLOfSQLDatabase>;key=' key ], ...
username, password, ...
'<someJDBCDriver>', ...
'<SlightlyDifferentURLOfSQLDatabase>;key=' key ]);
The key is shared between many users, while username and password are personal. The key should not be visible to users, so I fill in the key and turn the function into p-code. However, when I run the function, it provides me an object of type database.jdbc.connection, which has properties DataSource and URL, which both contain key in plaintext. Is there any way in which I can hide these two properties or construct the connection in a different way so that key does not appear anywhere?

采纳的回答

Dinesh
Dinesh 2023-11-17
Hi Jori.
I don't see a straight forward way to resolve your issue.
The classes defined inherently implement this behavior of exposing the URL. So, if you have the connection object, URL will be visible. However, custom classes can be created to replicate the same working but to hide the URL. This approach can lead to complications, but it seems like the only way to return a connection object and still not expose the URL. The following link will help you understand classes in MATLAB:
I would suggest a different implementation where you don't return the connection object to the user. Instead, the funcion can directly perform any operation that they want using that connection object and just return what is necessary for the user. This way, the connection URL will never be exposed.
I also don't understand the significance of using a key. If the above-mentioned approaches don't help you, could you please help me understand why a key is required along with the username and password so that I can look at this again and see if there is a better approach?
  1 个评论
Jori Selen
Jori Selen 2023-11-17
Thanks for your answer. I agree that not returning the connection object to the user is a better implementation.
To provide some context: The key is provided to a tool to allow the users of that tool to connect directly to some database. There are many tools and each tool is provided a unique key, which can be used for monitoring purposes. In principle a user should not see the key, since it allows them direct access to the database as opposed to access to the database via the tool.

请先登录,再进行评论。

更多回答(0 个)

类别

Help CenterFile Exchange 中查找有关 Database Toolbox 的更多信息

产品


版本

R2020b

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by