
WPF application security and data access - mef modular app MVVM


I'm writing an app in WPF using .NET Framework 4.0 Client Profile, PRISM with MEF and the MVVM model, and a MySQL database.

I have a shell application that holds crucial security data like database login, password etc. I do not want to expose that security data but other modules have to access database.

Is there a way to share that kind of data between shell and modules? A way that would be safe? How should I organise data access?

The best option for me would be:

SHELL - has all security data, and it's encrypted and not exposed in any way.

MODULES - independent as much as possible but also can access the database using some sort of communication with SHELL

I came up with a couple of solutions:

  1. Shared context - pass connection string to module when it is needed. (but I think it's a risky way because of security data leak)

  2. Register service with PRISM that would expose required database operations (but then module won't be independent and all data access for all modules would be in shell)

  3. Register universal Service with PRISM that will accept custom database operations - wrapped MySqlCommand - and secure it to allow only select, update etc and not drop etc. (it's a lot of work and again I don't think it's a good and secure way)

Are there any other options?


Solution

  • Turns out that I got it all wrong. Solution was simple: not to do it at all.

    I've created a web service in nusoap PHP and all my security data is in there. The WPF application stores only a temporary user ticket, so it is the safest way to do it. My error was that I was connecting to the database directly. That is very bad practice. What is interesting is that there is no speed impact; actually, everything is working very smoothly :) What is also interesting is that user security roles are also checked in the web service, so it is much safer :)
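
The ticket-and-role check described in the answer above, as an added example that is not part of the original post or the poster's service code. It is plain PHP, independent of nusoap; the HMAC-signed ticket format, the function names, the 15-minute lifetime and the role names are all assumptions made for illustration.

```php
<?php
// Added example (constructed): ticket format, names and roles are assumptions.
const TICKET_TTL = 900; // ticket lifetime in seconds (assumed value)

function b64url(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

// Called by the service after it has checked the user's login itself.
function issue_ticket(string $key, string $user, array $roles, int $now): string {
    $claims  = ['u' => $user, 'r' => $roles, 'exp' => $now + TICKET_TTL];
    $payload = b64url(json_encode($claims));
    return $payload . '.' . b64url(hash_hmac('sha256', $payload, $key, true));
}

// Returns the claims, or null when the ticket is malformed, forged or expired.
function verify_ticket(string $key, string $ticket, int $now): ?array {
    $parts = explode('.', $ticket);
    if (count($parts) !== 2) return null;
    [$payload, $mac] = $parts;
    $expected = b64url(hash_hmac('sha256', $payload, $key, true));
    if (!hash_equals($expected, $mac)) return null; // constant-time comparison
    $claims = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
    if (!is_array($claims) || !is_string($claims['u'] ?? null)
        || !is_array($claims['r'] ?? null) || !is_int($claims['exp'] ?? null)) return null;
    return $claims['exp'] > $now ? $claims : null;
}

// Every operation re-checks ticket and role on the server before any DB access.
function handle_operation(string $key, string $ticket, string $role, int $now): string {
    $claims = verify_ticket($key, $ticket, $now);
    if ($claims === null) return 'DENY: invalid or expired ticket';
    if (!in_array($role, $claims['r'], true)) return "DENY: missing role $role";
    // Only at this point would the service use its own server-held DB credentials.
    return 'ALLOW: ' . $claims['u'];
}

// Constructed demo values; a real key comes from server-side configuration.
$key = random_bytes(32);
$now = 1700000000;
$ticket = issue_ticket($key, 'alice', ['orders.read'], $now);
echo handle_operation($key, $ticket, 'orders.read', $now + 60), "\n";
echo handle_operation($key, $ticket, 'orders.delete', $now + 60), "\n";
echo handle_operation($key, $ticket, 'orders.read', $now + TICKET_TTL), "\n";
echo handle_operation($key, $ticket . 'x', 'orders.read', $now + 60), "\n";
```

The four calls exercise a valid ticket, a missing role, an expired ticket and a tampered ticket. The desktop client only stores the ticket string and sends it back with each request; the signing key and the database credentials never leave the server.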