Hi, >What I'd like more is what I outlined more than one year ago: some mean to >change the database user to the user that is logged in the application. Of > > There is a name for this design pattern, and I've completely forgotten it. You're right that it offers defence-in-depth, although at the cost of efficiency. I know some online banking operations have an active directory user for every customer, and everything processing a customer's requests runs with that identity, through several application tiers.
>This isn't hard to do if one gets into the right point of the database >connection and Identity. I didn't have time to implement that yet, but I >remember checking the code some months ago. > > My gut feel is that it would be quite hard, but I'm prepared to be shown wrong. Do you have a particular database and platform in mind? Might be best to start with a single target and go from there. Paul --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
