On Sat, 28 May 2011 10:07:56 -0700 Chris Travers <[email protected]> wrote:
> In other words, LedgerSMB doesn't authenticate users in 1.3, nor is it > the final check against exceeding permissions. These are both handled > by PostgreSQL. Really? I was unaware of that. I do not like that approach. We run our LSMB 1.2 installation on a machine that says "local all all trust" in pg_hba.conf; no normal users have accounts on that machine. Making application users into database roles is a bad decision, IMO. It forces you to use PostgreSQL's auth mechanism which, while admittedly "mature and well-tested", might not be the most convenient way to manage users in the application. I hope that you rethink this. It's a dealbreaker for me and means we can't use LSMB 1.3. Regards, David. ------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1 _______________________________________________ Ledger-smb-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel
