Rick,

I meant restricting access to database for my web applications. External
users does not have logins to my database at all. Site authentication is
implemented separately.

Andrew.

Rick Fincher wrote:

>Hi All,
>
>I'm curious about the use of role based security for applications like this
>rather than name based.
>
>Do you create multiple data sources with different roles and then only allow
>the user to use the data source that corresponds to their access level?
>
>Or are you implementing the role on an application-wide level to restrict
>the app to certain types of access?
>
>This gets a little confusing when referring to Tomcat because it uses a
>similar (but different) concept of roles in its container managed user
>validation.
>
>Rick
>
>
>