| Subject | Re: [Firebird-Architect] Digest Number 1071 |
|---|---|
| Author | Jim Starkey |
| Post date | 2005-08-21T18:43:31Z |
David Johnson wrote:
Vulcan. It is intended primarily for user authentication, but could be
extended. An LDAP based security plugin would be an excellent addition
to the product set. That said, I am wary of LDAP rights management,
tending to believe that objects within a database system should be
managed by the database system. I'm not going to say that LDAP based
rights management is out of the question, but I'm going to need a lot of
convincing.
Incidentally, we're not home yet -- just sitting on the boat in the fog
exploiting somebody's unsecured wireless.
>(security data) as the underlying database.The security plugin API is defined by the class SecurityPlugin in
>
>Jim has not talked about exposing the security API yet, but once you get
>to the point that you realize that his proposal is LDAP like to the
>point you can speak of it in LDAP terms, exposing the model via the
>standard LDAP sockets protocol for applications and for database
>clusters is a no-brainer. Secure database and secure apps with the same
>piece of code, and security architecture is not the application
>programmer's problem any more.
>
>
Vulcan. It is intended primarily for user authentication, but could be
extended. An LDAP based security plugin would be an excellent addition
to the product set. That said, I am wary of LDAP rights management,
tending to believe that objects within a database system should be
managed by the database system. I'm not going to say that LDAP based
rights management is out of the question, but I'm going to need a lot of
convincing.
Incidentally, we're not home yet -- just sitting on the boat in the fog
exploiting somebody's unsecured wireless.