Hi All,

My goal is having a Java applet connect to a CGI script that connects to a mySQL database, all on the same server.

What I don't want to happen is anyone other than my applet connecting to the CGI script or my database.

What is a good way to authenticate? I figured that, since these are all on the same server, then the CGI script could authenticate that the applet was indeed being run on the same server (Even though it's really being run on a client's machine).

I can't have Java send a message that the CGI checks for, because anyone can decompile a Java program and duplicate that.

I also don't think I should just have Java directly connect to mySQL, because (as far as I know, which is little :) ) there isn't a way to have mySQL do the authenticating. I would have to include my username and password in my Java code, so, for it to be ok for other people to decompile and get those, I would have to make sure mySQL will only respond to queries from the same server.

Also, along the same lines (kinda), if a CGI script is set only to execute by public, does that mean that people cannot download the file, or read it? Just execute it?

Thanks for your time,
Ben