| Subject | Re: [firebird-support] Another question on grant |
|---|---|
| Author | unordained |
| Post date | 2010-05-24T21:15:36Z |
---------- Original Message -----------
From: PenWin <penwin@...>
My coworker started using Firebird last week (usually works with SQLServer), and
asked about this. On the fly, I BS'ed that this was because Firebird also
supports "native" authentication modes, where the database server doesn't know up-
front what users might exist, they're managed via Unix or ActiveDirectory, but
Firebird only knows about them when they successfully log in. In that way, it's
kind of a feature. It's hard to maintain referential integrity on permissions <->
users, when the authentication system(s) you're using won't "play ball" and tell
you when users get dropped or renamed. I don't know if that's the *reason*, or if
there are other good ones, but that's what came to mind.
-Philip
From: PenWin <penwin@...>
> The magic of Firebird :-)------- End of Original Message -------
>
> You can grant rights to a non-existent user. As soon as that user is
> created, the grant will start working for him.
My coworker started using Firebird last week (usually works with SQLServer), and
asked about this. On the fly, I BS'ed that this was because Firebird also
supports "native" authentication modes, where the database server doesn't know up-
front what users might exist, they're managed via Unix or ActiveDirectory, but
Firebird only knows about them when they successfully log in. In that way, it's
kind of a feature. It's hard to maintain referential integrity on permissions <->
users, when the authentication system(s) you're using won't "play ball" and tell
you when users get dropped or renamed. I don't know if that's the *reason*, or if
there are other good ones, but that's what came to mind.
-Philip