Re: Novice question about users and...rights?

From: Laurenz Albe
Subject: Re: Novice question about users and...rights?
Date:
Msg-id: 1511757906.2682.9.camel@cybertec.at
In reply to: Novice question about users and...rights?  ("Dale Schmitz" <dschmitz4@cox.net>)
Responses: Re: Novice question about users and...rights?  (Stephen Frost <sfrost@snowman.net>)
List: pgsql-novice
Dale Schmitz wrote:
> My big question for this post regards database login by end users.
> In the Access database, users logged in as a way of verifying to the database
> super user that they were legitimate users of the database,
> but everything ran as the DB owner (the super user I mentioned).
> In converting this application I’m tempted to go the same route,
> but only because I saw that it worked in Access.
> The users will have flags in their records stating their role,
> and hence what they can and can’t do, but I wonder if this is smart.

The best setup is probably like this:

Don't have a database user for each application user, but use
one database user for the application to connect to the database.

That database user ideally should not own the tables, but only have
the permissions necessary to run the application.
That reduces the damage that can be done if an attacker breaks into
your application with SQL injection or otherwise.

Manage your application users in a database table.

If you have different kinds of application users with different sets
of permissions (e.g. some that may only read, but not modify the data)
you could use more than one application user with the appropriate
permissions and reconnect as that user after you have authenticated the
application user.

Yours,
Laurenz Albe
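As an added illustration (not part of Laurenz's reply or anything shipped by the PostgreSQL project), here is one way to lay out the roles he describes: a non-login owner role, a table of application users with a role flag, and separate least-privilege login roles the application reconnects as after it has checked the user's credentials. The schema, table and role names and the reader/editor flag values are assumptions.

```sql
-- Added example (not from the original thread). All names are assumptions.

-- 1. A role that owns the schema and tables. The application never
--    connects as this role; only migrations run as it.
CREATE ROLE app_owner NOLOGIN;
CREATE SCHEMA app AUTHORIZATION app_owner;

SET ROLE app_owner;
CREATE TABLE app.customers (
    id   bigserial PRIMARY KEY,
    name text NOT NULL
);
-- Application users live in an ordinary table, with their role as a
-- flag, as the question proposed. Store a password hash, never the
-- password itself.
CREATE TABLE app.app_users (
    id            bigserial PRIMARY KEY,
    username      text NOT NULL UNIQUE,
    password_hash text NOT NULL,
    role          text NOT NULL CHECK (role IN ('reader', 'editor'))
);
RESET ROLE;

-- 2. Login roles for the application, one per kind of application user.
--    Neither owns anything; each gets only the privileges its kind needs.
CREATE ROLE app_ro LOGIN PASSWORD '<set-from-secret-store>';
CREATE ROLE app_rw LOGIN PASSWORD '<set-from-secret-store>';
GRANT USAGE ON SCHEMA app TO app_ro, app_rw;
GRANT SELECT ON app.customers TO app_ro;
GRANT SELECT, INSERT, UPDATE, DELETE ON app.customers TO app_rw;
GRANT USAGE, SELECT ON SEQUENCE app.customers_id_seq TO app_rw;
-- Both login roles may read the user table to authenticate a login, but
-- neither may change it, so SQL injection through app_rw cannot promote
-- a 'reader' to an 'editor' or alter a stored hash.
GRANT SELECT ON app.app_users TO app_ro, app_rw;

-- 3. Verify the result: which privileges does each login role hold?
SELECT grantee, table_name,
       string_agg(privilege_type, ',' ORDER BY privilege_type) AS privs
FROM information_schema.role_table_grants
WHERE table_schema = 'app' AND grantee IN ('app_ro', 'app_rw')
GROUP BY grantee, table_name
ORDER BY grantee, table_name;
```

The application authenticates a user against app.app_users, reads the role flag, and then opens its working connection as app_ro or app_rw accordingly; the flag decides which connection is used, while the GRANTs above enforce the limit even if the application code is bypassed.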

