[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)

Subject: Re: Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)
From: Josh Berkus <..hidden..>
Date: Thu, 4 Oct 2007 11:03:24 -0700

Toni,

> You have a username/password combination set for the application that
> the application uses to request eg. authentication data from the
> database. Alternatively, you leap and implement OpenID, which "solves"
> all other problems for you.

This sort of a scheme works with application users stored in a table.  
However, LedgerSMB desires to use *database users* (i.e. ROLES) so that the 
same set of access restrictions can be maintained across 3rd-party 
applications which connect to the database.

-- 
Josh Berkus
PostgreSQL @ Sun
San Francisco

Follow-Ups:
- Re: Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)
  - From: Toni Mueller

References:
- Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)
  - From: Chris Travers
- Re: Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)
  - From: Chris Travers
- Re: Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)
  - From: Toni Mueller

Prev by Date: Re: Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)
Next by Date: Re: Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)
Previous by thread: Re: Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)
Next by thread: Re: Re-authentication proposal for LedgerSMB 1.3 (HTTP Auth)
Index(es):
- Date
- Thread