web application security issue
Posted by: arsene lin
Date: August 21, 2009 11:06AM

I have a general question regarding to security issue. I am developing a web application and it will access to the database for doing authentication and authorization purpose.

Now my problem is generally how people will design database table so that when web application can use db authentication and authorization information efficiently? For instance, I would create tables which resembles unix security setting.

USERS (ID, USER_NAME, PASSWORD)
USER_GROUP (USER_ID, GROUP_ID)
GROUP (ID, GROUP_NAME)

PERMISSION (ID, OWNER_PERMISSION, GROUP_PERMISSION, OTHER_PERMISSION, PAGE_NAME)

where PERMISSION table contains web page to be accessed. However, after thinkging again, I suppose that the application may need to store all pages used in web application, which is inefficient.

So I would like to ask - is there any best practise regarding to design database security for web application?

I appreciate suggestion.

Thank you very much.

Options: ReplyQuote


Subject
Written By
Posted
web application security issue
August 21, 2009 11:06AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.