Russell E Glaue wrote:
No one probably wants to go through the trouble to code this solution.... but it
is possible to use MySQL Proxy to filter the SQL statements and results.
MySQL Proxy sits in between MySQL Server and the MySQL Client.
It can read queries, modify them, send queries to the server or deny them all
together, and even read results and modify them as well, or deny the results to
be sent back to the client.
Perhaps if you can resolve to a less complicated set up, but still lean towards
the VPD idea, MySQL Proxy might work for you.
I just wanted to throw this solution out in case it was useful.
-RG
Hi Russel,
That sounds like a cool idea and makes sense. That is what made me feel
oogy about the idea of trying to do something like this with MySQL
privileges. I read tons of things that say the real auth layer should be
separate. And that VPD example was a good example of how fine grained
and therefore complex auth schemes can get. I would guess that following
your idea further, it could end up being more scalable(sorry I hate that
word it is so overused) that is easy to change and upgrade.
I am interested in the many dbs vs one big db issue because I followed
the many db choice at one time. It did make sense because I could answer
all three of the questions in my previous post a big YES. But, it was a
lot of extra work, esp over time. I also discovered you can do cross DB
joins, but that makes some DBAs shriek in horror :)As it should.
Thanks,
Eric
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
