We have written a browser application that requires a user
signon/authentication. The application supports a client/server application
that has its own built-in security concept, and we are trying to pattern the
browser security after the client (for ease of maintenance). The client
application uses Oracle security for its initial check to ensure the user is
a valid user of the database. Users are defined to the database with only
connect privileges. When a user provides a userid and password, the
application attempts a signon. If it is successful, the application then
issue a reconnect and signs on as a "super user" with all privileges. The
rest of the security features within the application are controlled by the
application itself. We would like to do a similar thing, but it seems we
can't issue the connects from inside webserver which itself is signed on as
webuser -- another super user. Any thoughts?
-----------== Posted via Deja News, The Discussion Network ==----------
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
Received on Wed Nov 25 1998 - 09:22:37 CST
