[Mulgara-dev] authentication in Mulgara
William Mills
wmills_92105 at yahoo.com
Sun Mar 9 04:52:31 UTC 2008
I wanted to drop a note to restart the conversation about authentication in Mulgara. I know it's in the plan for re-implementation. To reiterate the point I was making to Andre over dinner, lack of any authentication model makes Mulgara a non-starter at Yahoo and probably many other corporate environments. It is certainly possible to add an authentication layer in the application, but that doesn't solve the whole problem.
If I were king I'd probably offer the standard username/password authentication model because everyone expects it, but I'd also have the option of using something less sucky/replayable.
For authorization/access the common model used for the various SQL databases is well defined, but I'm not sure how closely it fits Mulgara. Certaibnly I'd like to differentiate between a system/root user and a less priveledged user. Access control down to the level of insert/delete from a model would be interesting. Control down to the row level that was explored in previous incarnations is, in my opinion, overkill.
-bill
More information about the Mulgara-dev
mailing list