Best practice for storing database password

小鲜肉 2021-01-31 11:21

I am developing a custom server application that will access a database. I need to decide where I will store the credentials (and the address) to that server.

A common so

3 answers
  •  旧巷少年郎
    2021-01-31 12:05

    I am sharing the way I had solved this.

    • Build an API to query the authentication details from a foreign domain.
    • Use a public key and a private key to read through the details.

    But, honestly, the only thing this did was overcomplicate simple things. After that, I created several users in the database, with different privileges.

    Like

    • guest can only SELECT
    • mod can only CREATE, INSERT, UPDATE, DELETE

    etc., and switched the user whenever authenticated users appeared.

    With the combination of users and sessions, I have been able to escape the threats so far. But of course the code vulnerabilities have to be tested thoroughly.
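The per-role accounts described in the answer above, written out as an added example that is not part of the original post. It assumes MySQL 8; the schema name `appdb`, the host `app.internal.example` and the password placeholders are hypothetical and must be replaced.

```sql
-- Added example (assumptions: MySQL 8, schema `appdb`, application host
-- 'app.internal.example'; passwords are placeholders, not real values).

-- One account per role, bound to the application host rather than '%',
-- so a leaked password is not usable from arbitrary addresses.
CREATE USER 'guest'@'app.internal.example'
    IDENTIFIED BY '<GUEST_PASSWORD_PLACEHOLDER>';
CREATE USER 'mod'@'app.internal.example'
    IDENTIFIED BY '<MOD_PASSWORD_PLACEHOLDER>';

-- guest: read-only on the application schema, nothing global.
GRANT SELECT ON appdb.* TO 'guest'@'app.internal.example';

-- mod: the privilege set named in the answer.
GRANT CREATE, INSERT, UPDATE, DELETE
    ON appdb.* TO 'mod'@'app.internal.example';

-- Caveat: MySQL also requires SELECT on any column that an UPDATE or
-- DELETE reads in its WHERE clause, so with exactly the set above
-- "UPDATE t SET a = 1 WHERE id = 5" is rejected. If that is needed,
-- grant SELECT per table instead of schema-wide, for example
-- (`appdb.posts` is a hypothetical table):
--   GRANT SELECT ON appdb.posts TO 'mod'@'app.internal.example';

-- Check 1: what each account can actually do.
SHOW GRANTS FOR 'guest'@'app.internal.example';
SHOW GRANTS FOR 'mod'@'app.internal.example';

-- Check 2: every schema-level privilege on appdb, to catch accounts
-- that hold more than their role needs or can re-grant privileges.
SELECT grantee, privilege_type, is_grantable
FROM information_schema.schema_privileges
WHERE table_schema = 'appdb'
ORDER BY grantee, privilege_type;
```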
