Hi, For what I've seen, first issue to address is that password is hashed on client side before to opening the and in this scenario has be sent to a server
In my mind external authentication should be plugged in as an additional option without creating incompatibilities (especially in the protocol) It could be obtained by using connectionInfo properties; a new client side property AUTHREALM={xxx} trigger: * on client to store the password in a temporary property (like _PASSWORD) * on server side it act as a flag for externally authenticated users At the end of authentication these properties should be removed from connectionInfo on both sides Another point is how to model it: - it would be great to define external users as temporary database users - rights of external users to object database managed trough roles - mapping between external users and database roles performed during authentication What do you think? I'm creating a prototype (project mysinmyc/h2database) to preview the feature; obviosly i've to perform some tests to make it stable There is a running server sample org.h2.samples.MockAuthenticator that accept any user (password=username) Il giorno sabato 12 maggio 2018 06:52:24 UTC+2, AleVen ha scritto: > > Hi, > > To expose directly H2 databases to end users it would be great support for > external authentication providers (like ldap,...) . > > > Many thanks > > > -- You received this message because you are subscribed to the Google Groups "H2 Database" group. To unsubscribe from this group and stop receiving emails from it, send an email to h2-database+unsubscr...@googlegroups.com. To post to this group, send email to h2-database@googlegroups.com. Visit this group at https://groups.google.com/group/h2-database. For more options, visit https://groups.google.com/d/optout.