Subject Re: [Firebird-Architect] Groups in Firebird
Author Geoff Worboys
Hi Jim,

>>It is yet another one of those; "Do we want compliance or
>>backwards compatibility?" questions.
> How about a third possibility -- something useful.

I'm all for useful :-)

> People have multiple roles. And in different contexts, they
> have different roles. And then there's the idea that the
> middle tier of an application may be serving may clients,
> each of whom has different role, rights, and privileges.

I am following so far, but...

> Real applications must connect to a database in order the
> authenticate a client. There are privileges that belong to
> the application, and different privileges that belong to the
> client. An application should be able to control database
> access based on what it knows of the client. This requires
> multiple roles and the ability to activate/deactivate
> specific roles. you have started to lose me.

I understand that, especially with multi-tier, applications
may have their own privilege controls and requirements. What
I am not following is how you suggest this would be supported
by roles (or whatever) in the database.

Geoff Worboys
Telesis Computing