1 Reply Latest reply on Dec 23, 2013 10:55 AM by philmodjunk

    Separation Model Security Sync Issue

    fred@kca-inc.com

      Title

      Separation Model Security Sync Issue

      Post

           I have implemented an extensive multi-user application with the App and Data files separated.  It was my hope to be able to modify the App file then overwrite App file on the server to update the code and GUI while maintaining the Data.  This works great except for one issue.  The users have the ability to update their passwords (which updates the security tables on both files).  My scenario is:

           1. I download the most current version of the App file from the server

           2. I modify the App file

           3. I upload the revised App file to the server.

           This work great unless any user has updated their password between steps 1 and 3.  In this case, the password in my downloaded App file will not match the password in the Data file on the server.

           Any suggestions on how to avoid this or to re-sync the passwords across hundreds of user accounts?  Can this be done with a scrip? The Data file would always have the most updated passwords.

        • 1. Re: Separation Model Security Sync Issue
          philmodjunk

               You can set up a system with scripts that manage and maintain accounts and passwords. The draw back to this approach is that you end up with the current password for each account stored in a table and this can be a security vulnerability. You may want to use a plug in or custom function to encrypt or at least scramble the password data to make things a bit more secure.