Say you've got a bunch of Windows desktops. And you've
got a Linux server running MySQL (or any other database).
And you want to store all sorts of interesting info in
And you want to have nice, easy-to-deploy web-based
front-ends, along with maybe some harder-to-deploy, but
more flexible Win32 (VB/whatever) front-ends.
This is all straightforward. MySQL/Apache/PHP/MyOBDC
are all the buzzwords I need so far...
And now say that you want to protect this data such
that different users have different access levels (none,
read-only, modify, delete, etc) to these tables.
So you need to have user accounts in your database.
No problem, MySQL has a flexible enough security
infrastructure to do this. (Although I don't
think it supports authenticating via PAM from our
NT domain using pam_smb.)
But, what's the best way of getting the user's
credentials? I really don't like the idea of
prompting the user for a username and password at the
start of every web session or when they launch their
Win32 clients. And caching this info in a cookie or
the registry is nasty too...
Of course, the "recommended" way to deal with this
is to use MS SQLServer and IIS and use the integrated
NTLM authentication stuff and everything should "just
work". However, unsurprisingly, there's a big soul-selling
aspect to this that I just don't like...
Anyone have any ideas on the best ways to deal with
authentication and databases? How do the big boys
(Oracle, etc) deal with this?
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!