[Mulgara-dev] authentication in Mulgara

[William Mills]

I wanted to drop a note to restart the conversation about authentication in Mulgara.  I know it's in the plan for re-implementation.  To reiterate the point I was making to Andre over dinner, lack of any authentication model makes Mulgara a non-starter at Yahoo and probably many other corporate environments.  It is certainly possible to add an authentication layer in the application, but that doesn't solve the whole problem.

If I were king I'd probably offer the standard username/password authentication model because everyone expects it, but I'd also have the option of using something less sucky/replayable.

For authorization/access the common model used for the various SQL databases is well defined, but I'm not sure how closely it fits Mulgara.  Certaibnly I'd like to differentiate between a system/root user and a less priveledged user.  Access control down to the level of insert/delete from a model would be interesting.  Control down to the row level that was explored in previous incarnations is, in my opinion, overkill.

-bill