Chris Hughes
ProgressTalk.com Sponsor
Hi all
I've read up about database security and tokens etc., but would like to ask a far more fundamental question - I guess I'm missing something somewhere but it just isn't clear to me. At this stage I'm not looking to integrate Windows authentication or other OS-level options.
So I want a DB with the blank id disallowed (I think).
I would look to create _user records and each user would essentially have access to all tables (other security handled by the app itself). Or as I understand it deny all, but allow all my users at table level.
So when designing the initial login screen / process, I can't connect to the database (as I have no user) so...
Option 1, without a db connection, prompt for credentials and then use a pf file but add the user-input credentials to that.
Option 2, create a real low-level _user called "connector" that has read access to _user only on each database, add this to all pf files, prompt for credentials and then look to switch all the active connections to that user.
I figure many people must have got over this fundamental hurdle in their quest for compliance etc. Any advice or guidance is very much appreciated.
Thanks
Chris