Comments on: Role-based access control in SQL, part 2 http://www.xaprb.com/blog/2006/08/18/role-based-access-control-in-sql-part-2/ Stay curious! Fri, 10 May 2013 13:48:52 +0000 hourly 1 http://wordpress.org/?v=3.5.1 By: Dennis Gearon http://www.xaprb.com/blog/2006/08/18/role-based-access-control-in-sql-part-2/#comment-19508 Dennis Gearon Mon, 25 Jul 2011 03:09:27 +0000 http://www.xaprb.com/blog/?p=215#comment-19508 Mesa,
Just reread article, both pages. Xarpb talks about maybe putting the unix perms in with the other perms. If you do so, let us know.

Danny,
I like the idea of stored procedures as well. It would REALLY interfere with an ORM/Framework like Symfony, CakePHP, Spring-Roo-Hibernate, which expect to run just standard queries against the database. Actually, I’m not sure how to combine them. I’ll probably have to implement it as a separate authorization ‘service’ that gets consulted prior to any action on objects/tables. This doesn’t prevent coders from making mistakes, wich is a key design point in any good system.

I THINK there is a way to partition between the ORM and the dbase layer that may allow a ‘separation of concerns’ in Java. I’ll see eventually. And I’ll post it.

]]> By: Mesa http://www.xaprb.com/blog/2006/08/18/role-based-access-control-in-sql-part-2/#comment-19504 Mesa Thu, 21 Jul 2011 15:22:55 +0000 http://www.xaprb.com/blog/?p=215#comment-19504 Dennis I like the unixperms very much as I think they would probably handle most cases, but I also kinda like the way the extra permissions are handled, and thought I would like to make everything consistent. That is handle all the permissions the way they are done in part 2.

I am determined to implement this, and am fiddling.

]]> By: Dennis Gearon http://www.xaprb.com/blog/2006/08/18/role-based-access-control-in-sql-part-2/#comment-19501 Dennis Gearon Wed, 20 Jul 2011 03:37:57 +0000 http://www.xaprb.com/blog/?p=215#comment-19501 When I’ve done more with it, I will add to this blog to help everyone. Give me till the end of the year, though ;-)

]]> By: Xaprb http://www.xaprb.com/blog/2006/08/18/role-based-access-control-in-sql-part-2/#comment-19500 Xaprb Tue, 19 Jul 2011 20:01:13 +0000 http://www.xaprb.com/blog/?p=215#comment-19500 I have grown accustomed to reading responses to this post, but the system is complex enough that I don’t truly remember it anymore, and would need to study again to provide meaningful answers. So I apologize for my lack of replies. But I’m likely not to find time to dig into this again, and hope that what I’ve posted is a helpful starting point to people searching for a solution.

]]> By: Dennis Gearon http://www.xaprb.com/blog/2006/08/18/role-based-access-control-in-sql-part-2/#comment-19499 Dennis Gearon Tue, 19 Jul 2011 00:56:37 +0000 http://www.xaprb.com/blog/?p=215#comment-19499 From what I’ve seen, this page is no longer paid attention to by the owner.

I haven’t implemented it yet. I will be doing it with a JAVA front end.

About the unix perms. I don’t know specifically, but I think having the hybrid nature of this, unix_perms + ACL(?) is what makes it so fast and versatile. You get off the ground with the unix perms, run most queries with that, and then get your corner/edge permission-object-user conditions as needed.

]]>