Brendan cheng-2 wrote: > > What design pattern do you recommend for user authentication and > authorization in neo4j graph? I'm searching a simple and flexible way to > restrict the access to certain part of graph which is dynamically depends > on the user and role...etc.How to avoid excessive traversing? > Any idea is appreciated! >
Use whatever authentication mechanism you want, such as Facebook auth, Twitter auth, or a home-grown authentication system. Store users as nodes, and you can do node-level authorization using a little metadata and bitwise arithmetic. For example, see... "How to Build Role-Based Access Control in SQL", by Baron Schwartz (author of "High Performance MySQL") Part 1: http://www.xaprb.com/blog/2006/08/16/how-to-build-role-based-access-control-in-sql/ Part 2: http://www.xaprb.com/blog/2006/08/18/role-based-access-control-in-sql-part-2/ This is for an SQL-based row-level authorization system, but it could be adapted to a graph-based node-level system. - James -- View this message in context: http://neo4j-community-discussions.438527.n3.nabble.com/Neo4j-Best-practice-for-User-Authentication-and-Authorization-tp3338055p3338333.html Sent from the Neo4j Community Discussions mailing list archive at Nabble.com. _______________________________________________ Neo4j mailing list [email protected] https://lists.neo4j.org/mailman/listinfo/user
