I don't know how to answer your question, but I can share my similar experience with you.
2 years ago I was working on a Java applet project, the database is Sybase. As the java bytecode is not a pure-compiled code, it's unsafe to put the userid and password of the database in the java code. But with JDBC you have to.
The final solution is I set a privillege protection on the database with carefully designed mechanism. I use table privillege and stored procedure.
In that case, even someone get the userid and password, he still cannot access the protected data in the database.
This post has been archived. It cannot be replied.