I have an applet which connects to a SFTP server to download file. The login credentials need to be included within the applet so that user will only select the download location and the download process will start.
Login credentials are dynamic based on some business logic.
Now I need to decide the approach to pass the dynamic login credentials to the applet. Following is what I have thought:
Having the credentials in a Javascript file which I populate dynamically at the HTTP server end and using JSObjects for retrieving them in applet for the SFTP server connection. This will create a security issue if also I encrypt the password because ultimately it will be downloaded at the client end in plain text. To overcome this, I could obfuscate the javascript file at run-time after credentials population in it at the server end. So that the obfuscated file get downloaded at the client.
Is it a good approach or I am trying to make my life unnecessary complex?
Please suggest some approaches and pointers.