Great link James, I was looking for something to refer to when writing an update for http://wiki.neo4j.org/content/ACL for the docs. This goes about half way but should show you the principles?
/peter Sent from my phone. On Sep 15, 2011 10:42 AM, "espeed" <[email protected]> wrote: > > Brendan cheng-2 wrote: >> >> What design pattern do you recommend for user authentication and >> authorization in neo4j graph? I'm searching a simple and flexible way to >> restrict the access to certain part of graph which is dynamically depends >> on the user and role...etc.How to avoid excessive traversing? >> Any idea is appreciated! >> > > Use whatever authentication mechanism you want, such as Facebook auth, > Twitter auth, or a home-grown authentication system. > > Store users as nodes, and you can do node-level authorization using a little > metadata and bitwise arithmetic. For example, see... > > "How to Build Role-Based Access Control in SQL", by Baron Schwartz (author > of "High Performance MySQL") > Part 1: > http://www.xaprb.com/blog/2006/08/16/how-to-build-role-based-access-control-in-sql/ > Part 2: > http://www.xaprb.com/blog/2006/08/18/role-based-access-control-in-sql-part-2/ > > This is for an SQL-based row-level authorization system, but it could be > adapted to a graph-based node-level system. > > - James > > -- > View this message in context: http://neo4j-community-discussions.438527.n3.nabble.com/Neo4j-Best-practice-for-User-Authentication-and-Authorization-tp3338055p3338333.html > Sent from the Neo4j Community Discussions mailing list archive at Nabble.com. > _______________________________________________ > Neo4j mailing list > [email protected] > https://lists.neo4j.org/mailman/listinfo/user _______________________________________________ Neo4j mailing list [email protected] https://lists.neo4j.org/mailman/listinfo/user
