[Neo4j] Best practice for User Authentication and Authorization

Peter Neubauer peter.neubauer at neotechnology.com
Thu Sep 15 11:13:03 CEST 2011

Great link James, I was looking for something to refer to when writing an
update for http://wiki.neo4j.org/content/ACL for the docs. This goes about
half way but should show you the principles?


Sent from my phone.
On Sep 15, 2011 10:42 AM, "espeed" <james at jamesthornton.com> wrote:
> Brendan cheng-2 wrote:
>> What design pattern do you recommend for user authentication and
>> authorization in neo4j graph? I'm searching a simple and flexible way to
>> restrict the access to certain part of graph which is dynamically depends
>> on the user and role...etc.How to avoid excessive traversing?
>> Any idea is appreciated!
> Use whatever authentication mechanism you want, such as Facebook auth,
> Twitter auth, or a home-grown authentication system.
> Store users as nodes, and you can do node-level authorization using a
> metadata and bitwise arithmetic. For example, see...
> "How to Build Role-Based Access Control in SQL", by Baron Schwartz (author
> of "High Performance MySQL")
> Part 1:
> Part 2:
> This is for an SQL-based row-level authorization system, but it could be
> adapted to a graph-based node-level system.
> - James
> --
> View this message in context:
> Sent from the Neo4j Community Discussions mailing list archive at
> _______________________________________________
> Neo4j mailing list
> User at lists.neo4j.org
> https://lists.neo4j.org/mailman/listinfo/user

More information about the User mailing list