I have a web application set up that is created for joe internet user to view dynamic content. The same application has simple web-based authentication for admins of the site. I would like to know, just for arguements sake how I should really set up the database user roles. Since my application is doing all the SQL for joe internet user, authentication for admins, and SQL for admins within the php pages should i really set up 2 separate database users with defined roles for allowing access to the data?
Another question i have is, is it possible to have a PHP page that prompts for username and password to pass that username and password to an oracle DB (not a user table with usernames and passwords) to check if a DBUSER and DBPASS exist and use that define DBUSER's ROLES to act upon the data?
What is the best way to do authentication for web-driven (dynamic content) using databases?
Thanks in advance!
Another question i have is, is it possible to have a PHP page that prompts for username and password to pass that username and password to an oracle DB (not a user table with usernames and passwords) to check if a DBUSER and DBPASS exist and use that define DBUSER's ROLES to act upon the data?
What is the best way to do authentication for web-driven (dynamic content) using databases?
Thanks in advance!