Subject RE: [Firebird-Architect] Re: User name SYSDBA
Author Leyne, Sean

Your comments are appreciated.

> The user logs into the web application, but for any given transaction
> they will be using one of about 50 connections from a pool that is
> shared with 1000 concurrent users.

Understood and can see the problems which opening individual connections
would create.

But it seems we are talking about two different problems.

> In micro-scaled systems, the nominal cost of making and breaking
> connections is just that - nominal.
> When you add the overheads of
> preparing queries to every connection, it becomes quite serious,
> particularly on wIntel type hardware.

I agree and this is something that will be worked on.

> Behind the scenes, the millions of people viewing and posting to the
> Yahoo groups application via either the web or the email interfaces
> are using a small pool of just a few hundred dedicated connections to
> the backing database. The connection I retrieved data on is unlikely
> to be the connection that I post this reply on.

Completely agree!

> Yahoo's security model is primarily implemented in their
> application. It is likely that a person with knowledge of the one ID
> and password that the application uses would have god-like authority
> on the data in the DBMS that backs this email group.
> With Jim's proposed model, the application does not need to know the
> user's security any more.

I don't see that as being true.

The application will need to know the user's security in order to limit
the functions available.

> The application only needs to know the
> user and the role that the user wants, and to provide that with the
> start-transaction information.

But the user must the validated for the role; where is this validation
data going to be stored?

I know that you're not suggesting that I can login as user "Sean" with
the role "SysAdmin" at my whim.

> The PAM approach means that low-end systems can use lighter weight
> security, while larger and more robust security requirements can be
> enforced in the DBMS with minimum impact on performance.

I can see how PAM can perform database **access** authorization
(replacing the password database), I don't see how it can take over the
management of user/role/group management. Perhaps I need to be shown
the light.