| Subject | Re: [ib-support] User Management |
|---|---|
| Author | Paul Schmidt |
| Post date | 2002-02-05T14:40:29Z |
On 5 Feb 2002, at 12:38, Riho-Rene Ellermaa wrote:
usernames are "mangled" so that the user can't login as himself
and select the applications role, and potentially do damage. These
users are maintained from inside the application. Roles are handy
when you do it this way, because security is bound to the role
once, when you grant access to the role, users are granted the role
at user creation time.
Paul
Paul Schmidt
Tricat Technologies
paul@...
www.tricattechnologies.com
> I'm planning to secure my app a little and thought about starting withI use this very technique, although with a slight variation, the
> user management. Currently my app connects with predefined username
> and password that is in crypted form stored into app. The users names
> and passwords are in USERS table. Now I thought to change it - SYSADM
> will create new Interbase users, who will connect to database by
> entering their name and password (my app gives them specified ROLE).
> Are there any pitfalls in this approach?
>
> I noticed that in my IBO Help file there is this topic with (Work In
> Progress) notification. Are there other places to look?
>
usernames are "mangled" so that the user can't login as himself
and select the applications role, and potentially do damage. These
users are maintained from inside the application. Roles are handy
when you do it this way, because security is bound to the role
once, when you grant access to the role, users are granted the role
at user creation time.
Paul
Paul Schmidt
Tricat Technologies
paul@...
www.tricattechnologies.com