Hi Experts :

I am a little new to Logical / ERD Designing and really will appreciate any guidance.
I must design an ERD/logical flow of a web based USER AUTHENTICATION module.
Currently LDAP is used for all such authentication and permissions for users. We want to get this to the database.

What i intend ?
a)User logs in
b) is checked which group he belogs to ?
c) depending on the group, he is allocated to applications. He might have only View permission to this application and have write , update permission
to another application also. How do I achieve this functionality ?

The User logs in using2)

logs into what exactly? : Logs into web based application
logs in how? He logs in using a page which is a web based application.
logs in using what? : his database username and password.
Is this a 3-tier application? : Yes it is on an ibm websphere.

Please help ! Kindly guide as to get this design place , the logical / ERD design ?

thanks in anticipation.

i dont knw how to attach files here . i have prepared one ERD, logical diagram but dont know how to share. if any one could
please share email ids i can share my ones and you guys could please guide .

Thanks in anticipation.

You will need the following tables:

FUNCTIONS: Things users are allowed to do
GROUPS: The different groups
GROUP_FUNCTIONS: Which group can do which function
USER: maps users to a Group

This will require double work in maintaining the users. They will still be entered into LDAP but will also have to be configured in the database with the above tables.

Andy