Richard Nuttall wrote:
- support for automatically pulling database DSN information from a
~/.dbi (or similar) file. This is constantly re-invented poorly.
Let's just do a connect by logical application name and let the
SysAdmins sort out which DB that connects to, in a standard way.
This reminds me one one thing I hate about DB access, and that is having
the DB password
stored in plain text.
Of course there are ways to provide some concealment, but nothing
particularly good or
integrated into the access.
If the "connecting by logical application name" could also include some
level of security
access, that would be a big improvement.
R.
Which is why major DBMSs are increasingly relying on SSO
based solutions. (e.g., Kerberos/LDAP authentication).
Not certain if DBI is the proper level to implement that,
(probably needs to be down at the DBD <=> DBMS level).
And "in a standard way" may still be wishful thinking.
Also, I'm not sold on the idea that a ~/.dbi file is particularly
secure in that regard. Not neccesarily opposed, just not convinced
its the right solution. (I don't like cleartext passwords either,
but due to the variance in DBMS's authentication methods, I don't know if
DBI can solve that problem).
- Dean
