各个互联域的用户是否应该放在同一个数据库表中?
例如,我们有3种类型的用户:内部用户(我们公司的员工)、客户和承包商,他们都在同一个表中,有一个“类型”字段来区分它们。我们还为每个域设置了不同的域:internal.domain.com、clients.domain.com 和contractors.domain.com。每个域映射到一个用户类型。为了登录这些门户,您显然需要拥有正确的用户/密码,并且用户类型也必须与域相匹配。这些用户是否应该从 1 个表分成 3 个?
For example, we have users of 3 types: internal users (employees of our company), clients, and contractors, and they are all in the same table, with a "type" field to differentiate them. We also have different domains for each: internal.domain.com, clients.domain.com, and contractors.domain.com. With each domain mapping to a user type. In order to log in to these portals, you need to have the correct user/pw obviously, and have the user type match the domain as well. Should these users be split from 1 table into 3?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您不需要 3 个用户表。您正在描述“角色”的概念,这通常会产生以下类型的表:
您将拥有 3 个角色,一个用于内部,一个用于客户,一个用于承包商。这是规范化设计,但您可以在单个用户表中使用非规范化设计(但我不推荐它)。我认为根据角色的不同,你会有不同的逻辑。
另外,我应该指出,鉴于您上面描述的用户和站点的类型,很自然地会考虑使用多个 LDAP 存储进行此类身份验证,例如,可以使用 3 个不同的 Active Directory 来实现。这允许您将身份验证和授权委托给控制这些域的 IT 人员。
You don't need 3 user tables. You're describing the concept of a "role", which would normally result in the following types of tables:
You would have 3 roles, one for internal, one for clients, one for contractors. This is a normalized design, but you could get by with a denormalized design in a single User table (but I would not recommend it). I assume you will have different logic depending on the role.
Also, I should note that given the types of users and sites you describe above, it's natural to think about doing this sort of authentication using multiple LDAP stores, which - for example - could be implemented with 3 different Active Directories. This allows you to delegate authentication and authorization to IT that controls those domains.