| Subject | Re: [Firebird-Architect] Groups in Firebird |
|---|---|
| Author | Geoff Worboys |
| Post date | 2004-10-22T03:29:32Z |
Hi Jim,
I understand that, especially with multi-tier, applications
may have their own privilege controls and requirements. What
I am not following is how you suggest this would be supported
by roles (or whatever) in the database.
--
Geoff Worboys
Telesis Computing
>>It is yet another one of those; "Do we want compliance orI'm all for useful :-)
>>backwards compatibility?" questions.
>>
> How about a third possibility -- something useful.
> People have multiple roles. And in different contexts, theyI am following so far, but...
> have different roles. And then there's the idea that the
> middle tier of an application may be serving may clients,
> each of whom has different role, rights, and privileges.
> Real applications must connect to a database in order the...now you have started to lose me.
> authenticate a client. There are privileges that belong to
> the application, and different privileges that belong to the
> client. An application should be able to control database
> access based on what it knows of the client. This requires
> multiple roles and the ability to activate/deactivate
> specific roles.
I understand that, especially with multi-tier, applications
may have their own privilege controls and requirements. What
I am not following is how you suggest this would be supported
by roles (or whatever) in the database.
--
Geoff Worboys
Telesis Computing