I am trying to figure out the best way to set up the model for what could be a moderately complicated authentication / ACL issue. I am trying to set up a kind of "single sign-on" within my own web application, where the end user could be assigned one or more roles through one or more customers. I'm also trying to figure out which of the authentication packages might work best for this setup.
A Customer represents a corporate entity that would pay to use a website. Each person represents an individual and has their own sign-on, and has one or more roles, either with a single customer or with multiple customers.
Tables:
PEOPLE id last_name first_name e_mail
has_many people_roles
CUSTOMERS id customer_name
ROLES id role_name
PEOPLE_ROLES person_id customer_id role_id
For example:
Johnny has Security Clearance Level 1 for Customer A Jane has Level 2 and Level 3 for Customer B, and has Level 1 for Customer A
Thanks in advance--
-Jeff Wigal
