db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stanley Styszynski" <diabe...@gmail.com>
Subject Users authentication - design problem
Date Wed, 30 May 2007 18:42:37 GMT

My name is Stanley and I'm working on application which will offer
opportunity to simulate the effects of changes in insulin and diet on the
blood glucose profile of a diabetic patient. It will be a multiuser, desktop
application with Apache Derby inside.

I would not like to grant any of the users the administrative privileges.
Every user (added using special form in my application) should be equal. No
one should be able to see or modify other users results or database
settings. I plan to dynamically create a root user (when my application will
be launched for the first time). Root's user name and password will be
created dynamically (current time multiplied by random value and SHA-256).
This data will be stored in separate text file(encrypted) and it's content
will be read by the application to enable adding new users. I plan to
encrypt a database so only my application will be able to boot it.
Then, application itself, will be controlling access to the propriate pieces
of data. It should be easy when we take into account that my application is
using built-in driver (no network connection at all, database is integrated
with application).

Is this solution good? Maybe there are others who encountered such a
"problem" and could share their knowledge?



View raw message