Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
What do you do for applications' login?
Message
De
26/04/2001 15:26:13
John Koziol
Ultimate Software
Miami, Floride, États-Unis
 
 
À
26/04/2001 12:28:13
Brian Jacon
Selkirk, New York, États-Unis
Information générale
Forum:
Visual FoxPro
Catégorie:
Autre
Titre:
Re: What do you do for applications' login?
Divers
Thread ID:
00500202
Message ID:
00500326
Vues:
15
Hi Brian,

How I define security at the application level generally depends on how "granular" I need security. If it's just access to the application I am checking, then I'll generally try to use the network login (with attendent rights and permissions) and I won't have any security, per se, in the application.

OTOH, if only some functionality in the app needs to be managed (Sue can add records, Harry can't), then I'll check the network username versus a local table with flags for rights -- which are maintained in the application by users with "Admin" rights to the application.

I don't want to cop-out on a clear answer to what to do in the client-server setting, but the only straight answer I can give you on that one is that whatever you do, ensure it is compliant with the security policies established by the DBA and/or network administrator.


>I was wondering about what most of you do for prompting users to login to your applications, if at all.
>
>Do you/your clients generally require this or are your applications usually only distributed to the users who are supposed to have access?
>
>Do you interface with the network login and use that to authenticate or do you create a user table for the app itself?
>
>When using a back-end DB like Oracle, SQLServer, do you have the app connect in with a dba account and just handle rights and roles within your app?
>
>
>Most of the stuff I've done only required basic security, like rights to screens, running particular reports, tracking who modifed each record, etc. So I've written everything into the app itself. The only issue was being able to see passwords, but I have a basic work around for that. Since most have been desktop apps, they've pretty much stuck to VFP databases and the users needed to get into the tables "behind-the-scenes" anyway.
>
>I ask this because now I'm planning on creating a client/server version of one of my apps and would like to know how the experts handle this.
>
>
>Thanks for any comments, ideas, past experiences your willing to share on this.
>
>- Brian
------------------------------------------------
John Koziol, ex-MVP, ex-MS, ex-FoxTeam. Just call me "X"
"When the going gets weird, the weird turn pro" - Hunter Thompson (Gonzo) RIP 2/19/05
Précédent
Répondre
Fil
Voir

Click here to load this message in the networking platform