On 01/18/12 16:29, Dimitry Sibiryakov wrote: > 18.01.2012 13:18, Alex Peshkoff wrote: >> But I do not like an idea of making SQL >> command (GRANT CREATE DATABASE TO SomeUser) dependent upon >> authentication plugins behavior. > But you don't mind SQL command CREATE USER to be dependent on plugin, do > you?..
I mind. There were 2 choices - current and use of common table-writing code with plugin only creating hash for password. But second appeared to have too many limitations. First of all, only hell knows what format of password's hash is needed for given plugin. Certainly, binary BLOB can satisfy any requirements, but for example in SRP case it happened to be more convenient to have two separate fields - salt and hash. Next, plugin writer is definitely not forced to store it's data in firebird database. If one decides that use of plain text or oracle remote server is better for his needs - why not? And last but not least - we pass some commands (like ADD_OPER, DEL_OPER, etc.) to plugin, and it's supposed that it must perform exactly that operation which was requested. But your suggestion was to let plugins do what they want, up to completely ignoring granted rights. Main question - what do we win using plugins here? ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
