I am trying to determine the best / "right" place to put the following logic on my Delphi data server.
The user connects to the server and uses the provided credentials. I check them using a centralized authorization database (Oracle database). If they are really valid users, I want them to give them a connection with where their data is actually located, based on what the authorization repository says (it could be a different host, database, username, password).
I have an AuthorizationDatabase in my own server class, which is the server life cycle, since no one can log in without verification there. Does this create a problem with concurrency? 10 users who will be checked at the same time, will this work fine?
I have a basic server module from which all session-level data modules that are connected to the application are derived. Application connection settings may vary depending on the user's login to the system.
The problem I encountered is the place where you need to perform the process of assigning authorization / verification / new DB parameters.
Where is this approach to a two-step database suitable? It seems quite common that the user is checked in one place, but the data that they will ultimately access is in another.
When considering the examples, I do not see the obvious place to which he will go.
source share