Subject Re: [Firebird-Architect] Digest Number 1071
Author Jim Starkey
David Johnson wrote:

>(security data) as the underlying database.
>Jim has not talked about exposing the security API yet, but once you get
>to the point that you realize that his proposal is LDAP like to the
>point you can speak of it in LDAP terms, exposing the model via the
>standard LDAP sockets protocol for applications and for database
>clusters is a no-brainer. Secure database and secure apps with the same
>piece of code, and security architecture is not the application
>programmer's problem any more.
The security plugin API is defined by the class SecurityPlugin in
Vulcan. It is intended primarily for user authentication, but could be
extended. An LDAP based security plugin would be an excellent addition
to the product set. That said, I am wary of LDAP rights management,
tending to believe that objects within a database system should be
managed by the database system. I'm not going to say that LDAP based
rights management is out of the question, but I'm going to need a lot of

Incidentally, we're not home yet -- just sitting on the boat in the fog
exploiting somebody's unsecured wireless.