Subject RE: [ib-support] Re: Database and application security
Author Christhonie Geldenhuys
Thanks Andrew, that! Just what I needed!

-----Original Message-----
From: csswa [mailto:csswa@...]
Sent: 25 July 2002 16:46
Subject: [ib-support] Re: Database and application security

Your requirements are detailed in this document:

Andrew Ferguson

--- In ib-support@y..., Christhonie Geldenhuys <christhonie@w...>
> Hi all,
> I am a novice if it comes to implementing database security, so I
want to
> know;
> Is it a bad idea to use a generic user to log into the database,
storing the
> password within the application? I was planning to have my own
user table
> and perform authentication on the client side, hashing the password
> (with MD5) and compare it to the hashed string in the table.
> The alternative (I guess) would be to use individual database user
> but I want the users to be able to change their own passwords, but
how do
> you do that? I am under the impression you need to be logged in as
> to accomplish this. Also, I want to keep track of failed login
> with a lockout count and lockout time. I would typically use the
> TIBSecurityService component under Delphi to add and modify user
accounts to
> isc4.gdb. I don't want to hard-code the SYSDBA password in my
> so what can I do?
> The IB documentation does not give enough information on how to
> this. Help would be appreciated!
> Regards,
> Chris

Yahoo! Groups Sponsor

To unsubscribe from this group, send an email to:

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.