On Thu, Jun 30, 2005 at 13:39:09 +0200, Fabien COELHO <coelho@cri.ensmp.fr> wrote:
>
> The standard talks about 2 distinct concepts: USER and ROLE (4.34). I'm
> not sure it is a good idea to drop the user concept to replace it by role.
> If you do so, you may miss something about what roles are about.
I think it is a good idea to make users synonymous with roles with
regard to privileges. This will make checking for access simpler
and mistakes less likely. The special part of being a user in addition
to a role is that being a user allows for authentication.