tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: Short Term Plan: Add Security Management Capabilities to Tomcat
Date Sat, 16 Oct 1999 19:35:16 GMT

> ... Actually how about turning that a bit inside out and ...

Any good DBA would tell you that neither is in fourth normal form, with the
correct form being more like the following:

      <user name="duncan" password="32kalkf902"/>
      <user name="craigmcc" password="23asdfjask2"/>
      <user name="costin" password="659asdfk39"/>

      <role name="pmc"/>
      <role name="committer"/>

      <auth user="duncan" role="pmc"/>
      <auth user="craigmcc" role="pmc"/>
      <auth user="duncan" role="committer"/>
      <auth user="cragmcc" role="committer"/>
      <auth user="costin" role="committer"/>

Note: while I'm saying this with a little tounge in cheek, there is a bit of a
point to the exercise.  Take a look at the three representations and figure out
how much work (using whatever units of measure you like) would be required to
delete user duncan.  One could make a similar observation about the amount of
effort required to remove a role, but intuitively this is a less frequent
operation.  For this reason, given the choice between the first two
alternatives, I would prefer the former (users containing roles).

View raw message