We have a similar issue regarding security. Some of the access to our database will be by ODBC connections for reporting purposes (i.e. Actuate Report/Crystal Reports). Without creating a zillion or so views (which I suspect carries with it a lot of overhead), I believe it would be tricky to maintain security.
Our application is medical related, and we are bound by HIPAA rules, so security is most important. How would you architect this scenario so our ASP customers cannot see each other's data?

Naomi

> I was more thinking that it might be possible to manage the security at
> a different level than the DB.
>
>We do this with users and permissions.
>Each virtual host has an apache config include specifying a db user,
>pass (and database, although most of them use the same one).
>Permissions on the database tables are set so that a given vhost can
>only access their own data.
>
>Our setup is mod_perl. Don't know how one would go about doing this with
>PHP, but I imagine it has some mechanism for per-vhost variables or
>similar.
>
>-j
>
>--
>Jamie Lawrence [EMAIL PROTECTED]
>"Remember, half-measures can be very effective if all you deal with are
>half-wits."
> - Chris Klein
>
>---------------------------(end of broadcast)---------------------------
>TIP 2: you can get off all lists at once with the unregister command
> (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])

Naomi Walker
Chief Information Officer
Eldorado Computing, Inc.
[EMAIL PROTECTED]
602-604-3100

Insanity is doing things in the same way and expecting different results.
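
An added example, not part of the original message or thread: one way to combine the per-customer database user described in the quoted reply with a single filtered view for ODBC reporting, instead of one view per customer. It assumes PostgreSQL 9.2 or later (for `security_barrier`); the table, view and role names and the sample rows are hypothetical.

```sql
-- Constructed schema: every name below is hypothetical.
CREATE TABLE patient_visit (
    visit_id   serial PRIMARY KEY,
    customer   name NOT NULL,   -- database role of the customer that owns the row
    patient    text NOT NULL,
    visit_date date NOT NULL
);

-- One login role per ASP customer. Each customer's ODBC data source
-- (Crystal Reports, Actuate, ...) connects with its own role.
CREATE ROLE cust_alpha LOGIN PASSWORD 'replace-me-alpha';
CREATE ROLE cust_beta  LOGIN PASSWORD 'replace-me-beta';

-- Reporting roles never touch the base table directly.
REVOKE ALL ON patient_visit FROM PUBLIC, cust_alpha, cust_beta;

-- A single view serves every customer: current_user is evaluated for the
-- role running the query, so each connection sees only its own rows.
-- security_barrier stops user-supplied predicates from being evaluated
-- before the customer filter.
CREATE VIEW my_patient_visit WITH (security_barrier) AS
    SELECT visit_id, patient, visit_date
    FROM patient_visit
    WHERE customer = current_user;

GRANT SELECT ON my_patient_visit TO cust_alpha, cust_beta;

-- Constructed sample rows.
INSERT INTO patient_visit (customer, patient, visit_date) VALUES
    ('cust_alpha', 'Patient A1', '2004-01-05'),
    ('cust_alpha', 'Patient A2', '2004-01-06'),
    ('cust_beta',  'Patient B1', '2004-01-07');

-- Check the isolation as a superuser by switching roles.
SET ROLE cust_alpha;
SELECT * FROM my_patient_visit;   -- filtered to cust_alpha's rows
SELECT * FROM patient_visit;      -- fails: permission denied on the base table
RESET ROLE;

SET ROLE cust_beta;
SELECT * FROM my_patient_visit;   -- filtered to cust_beta's rows
RESET ROLE;
```

The isolation holds only while each customer's reporting connection authenticates as its own role; a shared reporting login would make `current_user` the same for everyone.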