Thank you very much for your response. I like your option (2) as it
seems to solve the security problem and reduces the overall costs to
both us and the customer. And Yes, I would appreciate very much any
additional information or direction on this option. Our application
includes Point of Sale and has a need for realtime inventory levels
from a central warehouse so I don't think replication is a good
option here. Also there is not much of a security issure with
usernames and passwords internally, execpt for the possible
interception by internet hackers so this option looks real
interesting. In your opinion are there any other gotchas using
interbase this way, as compared to a adding middleware like ASTA. It
would seem to me that by stripping away the middle layer I would get
better performance. Thank again.

--- In IBObjects@y..., Dalton Calford <dcalford@d...> wrote:
> You have many options in this area.>
> 2) Do not use real user name/passwords. Have a single stored
procedure on
> the server that can only be run under one login(the only thing that
login can
> do). That stored procedure grabs the encrypted strings passed to
it by the
> client, decrypts them using Gregory Deatzs FreeUDFLib MD5 routines
(I can give
> more details if you are interested) and returns the users real
login name and
> password (encrypted with the same MD5 routines). That way, the
users never
> know thier true username or password except for that one
application.
> Meanwhile you get the full benefit of individual user names.
> (this is heavily summarized, I can go into more detail if you wish)
>