I ran into an interesting client server development problem.
We have this browser-based management application in which it has many users using this system. Thus, it is obvious that in this application we have a user management module.
I always thought that there is a user table in the database to save all the login information.
However, a senior developer said that user management should be done at the database server level, if not then poorly designed. He meant that if the user wants to use the application, then the user must be created in the user table AND on the database server as the user account.
So, if I have 50 users using my applications, then I should have 50 database server users.
I personally think that it is enough to have only one user account on the database server for this database. Just give this user authorized privileges to use all the necessary work of the application. Users who interact with the application must have their user accounts created and managed in the database table, as they are more associated with the application level. I do not see and agree that it is necessary to create a database server user account for each user created for the application in the user table.
The user of one database server should be sufficient to process the entire request sent by the application.
Hope to hear any suggestions / opinions and am I missing something? performance or security?
Many thanks.
source
share