tags:

views:

48

answers:

4
+1  Q: 

Users in database server or database tables

Hi all,

I came across an interesting issue about client server application design.

We have this browser based management application where it has many users using the system. So obvisously within that application we have an user management module within it.

I have always thought having an user table in the database to keep all the login details was good enough.

However, a senior developer said user management should be done in the database server layer if not then is poorly designed. What he meant was, if a user wants to use the application then a user should be created in the user table AND in the database server as a user account as well.

So if I have 50 users using my applications, then I should have 50 database server user logins.

I personally think having just one user account in the database server for this database was enough. Just grant this user with the allowed privileges to operate all the necessary operation need by the application. The users that are interacting with the application should have their user accounts created and managed within the database table as they are more related to the application layer. I don't see and agree there is need to create a database server user account for every user created for the application in the user table.

A single database server user should be enough to handle all the query sent by the application.

Really hope to hear some suggestions / opinions and whether I'm missing something? performance or security issues?

Thank you very much.

+1  A: 

No, users are authorized to use the application; the application is authorized to access the database. You don't need both.

You might have different access permissions in the database (e.g., users can't delete or drop tables; admins can do anything). In that case, it's typical to have a user-group-role design where users are assigned to groups, and each group has its own permissions.

duffymo  2010-06-08 10:34:06
Thanks for the reply duffymo
Batcat  2010-06-08 10:58:47
Harendra  2010-06-08 13:27:02
If you require that level of granularity, then there's no other option that I know if. Work with your DBA. The number of roles should be small compared to the number of users. And it would be smart to script such a thing.
duffymo  2010-06-08 13:49:46
A: 

I'm hoping to get more suggestions and opinions.

Batcat  2010-06-08 13:17:57
Don't answer your own question.
duffymo  2010-06-08 13:50:08
+1  A: 

Your "senior developer" is sadly mistaken. I'm not sure how someone who would qualify as "senior" would say that 1 app user==1 db user. As noted previously the application will not scale (in many respects). If the database is something like Oracle is he suggesting that any user of a large web application should be considered a db user as well in terms of licensing costs? What about handling user management?

I don't know what database you're using but a single user that is responsible for accessing the database via the application server is sufficient in most cases. Application users can be stored in the database, in LDAP, etc.

You don't want the maintenance nightmare of 1 app user = 1 db user. The senior person should be ashamed for suggesting such a thing.

 2010-06-08 13:36:14
A: 

I don't see any valid points in having user accounts created in the database for application users.

Maruthi  2010-06-09 01:02:53

related questions

User Control Public Shared Variables in ASP.NET 1.1 Not Working As Expected
Best place to save user information xp and vista
Training Users In Security
User Groups Management Implemenation for Desktop Application Question (C#) ?
iPhone application : is-it possible to use a "double" slider to select a price range
Getting multiple UI threads in Windows Forms
How do you store/share online your personal documents ?
Using windows authentication to log on to site using c#
What is the best way to add users to multiple groups in a database?
Unix Proc Directory
Have you ever faced an ethical issue when creating an application?
PostgreSQL 8.3 privileges not updated - wrong usage?
Hierarchical Group Permissions Theory/Resources?
Beta Test Guidelines / Agreement
Getting user photo from SPUser using WSS Object model
Do you know a service like uservoice.com for bug reports?
Multiple permission types (roles) stored in database as single decimal
Best Way to Unit Test a Website With Multiple User Types with PHPUnit
Average User Download Speeds
Passing switches to Xcode 3.1 user scripts
How do I add a user in Ubuntu?
Enumerate Windows user group members on remote system using c#
Should menu items always be enabled? And how do you tell the user?
What do you look for from a User Group?
How to make subdomain user accounts in a webapp