On Friday 13 February 2004 07:53, Dmitry Yemanov wrote:

Hi,

> We should separate database security (users) and authentication
> (logins/passwords). Users belong to a database and should be stored there,
> whilst logins belong to the external authentication mechanism. There should
> be a direct mapping between both. The server should support PAM to allow
> different authentication methods (security.fdb, NT domains, Kerberos etc).
> The interface should be open and properly documented to allow 3rd party
> security plugins. The aforementioned things are key parts of this subject,
> IMO.

As a user, I 100% agree. We have recently had to write a 'bridge' between a
customers LDAP/Active Directory server and FB's security database, which was
messy at best.

Phil

--
Discover a lost art - play Marbles
April 2004
ICQ: 760757 | AIM: pjshrimpton | Y!: pjshrimpton | pjshrimpton@...