Hi. I'm developing a new web application and I have some questions about security.
The network scenario is:
-1 firewall.
-1 application server(with
Tomcat).
-1 database server(with Oracle).
-Using FORM(as login-config).
The question is:
-The application accessing a database instaled in the application server is more secure than accessing the database directly in the database server?
I supose that if some invasion occurs, they just will access the database in the application server and won't access the database in the database server. In this case, I'll sincronize the databases twice a day.
I know that I'll lose a lot of time developing the sincronization of databases. But I'll do this if it's necessary.
Thanks.