| Subject | A question about roles |
|---|---|
| Author | Miracle Information Systems |
| Post date | 2007-05-09T12:14:39Z |
We are using Firebird 2.0.1 database for the Delphi application we have developed.
The users that use the application must have different access permissions on tables so we use roles to achieve that.
So everytime a user connects to the database he supplies the username, role and password in order to connect.
So far so good.
I have tried to establish connections withour supplying the role, but then the user cannot access anything that is not explicitly granted to the user or ALL for select. I personally don't like granting permissions to users explicitly. I prefer granting roles to users.
My question is why the user should supply the role to the database. Doesn't the database know which role every user belongs to. After all as I've seen from the metadata, there are such structures that keep the memberships in the database.
And how should I deal with users granted more that one roles at a time since I can provide only one role to the connection.
Thanks
Jean-Paul
The users that use the application must have different access permissions on tables so we use roles to achieve that.
So everytime a user connects to the database he supplies the username, role and password in order to connect.
So far so good.
I have tried to establish connections withour supplying the role, but then the user cannot access anything that is not explicitly granted to the user or ALL for select. I personally don't like granting permissions to users explicitly. I prefer granting roles to users.
My question is why the user should supply the role to the database. Doesn't the database know which role every user belongs to. After all as I've seen from the metadata, there are such structures that keep the memberships in the database.
And how should I deal with users granted more that one roles at a time since I can provide only one role to the connection.
Thanks
Jean-Paul