On Sat, Nov 10, 2001 at 03:02:54PM -0800, Mike Bresnahan wrote: > > Most of the apps I work on authentication is handled at > > application layer, not > > the database layer. > > > > Is this uncommon to everyone else? > > > > More or less the DB is just persistent storage. > > Yes, in my experience the security model provided by the RDBMS is often > lacking in features needed to fullfill the requirements. This is > particularly true when there security at the row or column level. 1. Trusted Oracle 2. You make a schema owner and then all the users have views over the master tables allowing them to see only what they are supposed to. florin -- "If it's not broken, let's fix it till it is." 41A9 2BDE 8E11 F1C5 87A6 03EE 34B3 E075 3B90 DFE4 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 230 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20011110/b888cfe9/attachment.pgp