User credential and verification [message #1794253] |
Tue, 28 August 2018 02:01  |
Eclipse User |
|
|
|
Hi all, good day.
I had a simple running system using Eclipse Scout - Photon, the system verify the user's credential by accessing the database and get the user's password from the specific table base on the provided username. I am using the database admin credentials to access (login) to the database, here's the problem: I want to use the user's credential to access to the database, or should i say i want to use the user's credential to create connection to the database. So that, in this way i can create two layers of security by (i) the user credential must be registered or belong to a certain role of database and that role is allowed to login to the database, (ii) when that credential passes the first layer then (ii) the credential will be verified again (second layer of security) using the specific table (user's credential table) of the database. In these way, i can increase security measures. By the way, i am using PostgreSQL.
I would be much happy and glad if you guys can give me a hand on how to do it.
Thank you so much in advance.
|
|
|
|
|
Re: User credential and verification [message #1797100 is a reply to message #1797009] |
Thu, 25 October 2018 04:45  |
Eclipse User |
|
|
|
Hi Mark
You can just call me Mat. No need for the sir ;-)
I have no experience in a setup that connects to the database with the real user credentials. Scout is also not prepared for this setup out of the box.
I think it is feasible to create an application with that setup but there might be some pitfalls on the way:
1. Scout does not have the password of the user available on the backend by default. You would need to send it to the backend (encrypted, e.g. https) and maybe store there in the session. Currently the Scout Service Tunnel cannot do that.
2. The Scout Connection Pool for leasing JDBC Connections to the database can probably not be used.
Hope this helps you in your concerns.
Kind regards
Mat
|
|
|
Powered by
FUDForum. Page generated in 0.09947 seconds