List:General Discussion« Previous MessageNext Message »
From:SGreen Date:February 7 2006 2:25pm
Subject:Re: How to create an application for managing users
View as plain text  
Célio Cidral Junior <ccidral.newsbox@stripped> wrote on 02/05/2006 
02:20:48 PM:

> 2006/2/4, sol beach <sol.beach@stripped>:
> > What other C# applications have you previously written?
> > Do you know anything more than how to spell SQL?
> > Have you ever installed and administered MYSQL?
> 
> I have been working as a professional programmer for around five
> years, and have been writing enterprise .NET applications for around
> three years. Among the SGBDs I've been working are Oracle and MSSQL.
> Actually, I have written my first application using MySQL 4.1 for
> academic purposes. I installed MySQL at home and have been playing
> with it together with the MySQL Administrator tool.
> 
> But I think that my question was not clear enough, so please let me
> explain a bit more. What I exactly want is to manage those 'native'
> users registered at the MySQL database, those who have permissions set
> upon determined db schemas, those who you create through the MySQL
> Administrator tool (for example). I'm *not* talking about creating a
> custom table called USERS or something and write CRUD statements to
> manage them.
> 
> Why do I want that in such a way? Because I want my clients to login
> to the application using their own corresponding 'native' users. And I
> will delegate to one of them the responsibility to manage users. If I
> store users in a USERS table, I will need a 'global' user with which
> all clients use to login. The 'global' user's password would be stored
> locally at each client workstation (the application I'm referring is a
> client/server, desktop one). This way is naive and insecure.
> 
> I hope you or anybody else can help me. Let me know if my explanation
> is still bad.
> 
> Regards,
> 
> Célio Cidral Junior
> 

There already IS a users table that you can either send CRUD statements to 
or manage through the GRANT and REVOKE statements. Since MySQL security 
also gets down to the column level, there is a table for each level of 
user permissions: user, db, tables_priv, and columns_priv. The appropriate 
records and settings in those tables determines the access rights (the 
ACL) for native MySQL user accounts.

Because these are "system" tables, they are not guaranteed to exist from 
one version to another nor are the columns' names or purposes guaranteed 
to stay the same between releases. You can directly edit them as you see 
fit but you must remember to issue a FLUSH PRIVILEGES command in order for 
your changes to take immediate effect.

The parts of the manual pertinent to your task:

http://dev.mysql.com/doc/refman/4.1/en/security.html
http://dev.mysql.com/doc/refman/4.1/en/privilege-system.html
http://dev.mysql.com/doc/refman/4.1/en/user-account-management.html
http://dev.mysql.com/doc/refman/4.1/en/account-management-sql.html

Shawn Green
Database Administrator
Unimin Corporation - Spruce Pine
Thread
How to create an application for managing usersCélio Cidral Junior4 Feb
  • Re: How to create an application for managing usersPeter Brawley4 Feb
Re: How to create an application for managing usersCélio Cidral Junior5 Feb
  • Re: How to create an application for managing usersSGreen7 Feb
    • Re: How to create an application for managing usersCélio Cidral Junior7 Feb