SKIP: Add support for (SSO) groups per database

0 votes

Today it's possible to define group permissions per connection but we would like to have the same ability per database. In our case we use one database server for different applications targeted at different user groups. A work-around is to create a connection per database but it would be easier if this was implemented in the application. :-)

in Features (Skip) by (170 points)
recategorized by

1 Answer

0 votes

The security is tied to the database connection. The primary reason for this is so that you can use an application-specific database-user to help limit and properly define the security for that application.

The intention is that for multiple applications you would create multiple database accounts (e.g. appHR, appCRM, appFinanceAudit, etc...) with each account focused on the needs for that application. This is true even if all of the applications are in exactly the same database and use some common tables.

Not only does that improve the application security, but it also means that dbFront has to load and manage fewer database objects per application.

Using a single database connection for multiple applications seems more efficient but it has the potential to create problems with separation of concerns, performance and security.

For those reasons I have decided to skip this request.

by (64.5k points)
Welcome to the dbFront Q&A site, where you can ask questions and receive answers from other members of the community.
 | Minimalist Answer Theme by Digitizor Media
Powered by Question2Answer