Results 1 to 3 of 3
  1. #1
    Join Date
    Apr 2011

    Unhappy Unanswered: User Authentication & Permissions

    Hi Experts :

    Brief Explanation :

    1)user logs into what exactly? : Logs into web based application
    2)user logs in how? He logs in using a page which is a web based application.
    3)user logs in using what? : his database username and password.
    4)Is this a 3-tier application? : Yes is on an ibm websphere.
    5) Current user Authentication : LDAP

    Our Requirement : To get this User Authentication & Permission to the Database.

    I am a little new to Logical / ERD Designing and really will appreciate any guidance.
    I must design an ERD/logical flow of a web based USER AUTHENTICATION module.
    Currently LDAP is used for all such authentication and permissions for users. We want to get this to the database.

    What i intend ?
    a)User logs in
    b) is checked which group he belogs to ?
    c) depending on the group, he is allocated to applications. He might have only View permission to this application and have write , update permission
    to another application also. How do I achieve this functionality ?

    i dont knw how to attach files here . i have prepared one ERD, logical diagram but dont know how to share. if any one could
    please share email ids i can share my ones and you guys could please guide .

    Please help ! Kindly guide as to get this design place , the logical / ERD design ?

    thanks in anticipation.

  2. #2
    Join Date
    Aug 2003
    Where the Surf Meets the Turf @Del Mar, CA
    Provided Answers: 1
    >3)user logs in using what? : his database username and password.
    Contrary to what you state above, the user does NOT have database name.
    The user has application username.
    >Our Requirement : To get this User Authentication & Permission to the Database.
    Again statement above is not correct.
    It should read as follows, "Permission to the Application".

    You can not use database centric utilities to determine data access from within custom application.
    The application controls who can do what within the application & Oracle RBMS is data repository.
    You can lead some folks to knowledge, but you can not make them think.
    The average person thinks he's above average!
    For most folks, they don't know, what they don't know.
    Good judgement comes from experience. Experience comes from bad judgement.

  3. #3
    Join Date
    Nov 2003
    Provided Answers: 8
    Why do you ask the same thing for three different RDBMS?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts