Appendix 2 : Security Details

Starting with release 0.13, Goozzee security is implemented the following way : each user connects to the database with his own user ID and password. So each Goozzee user corresponds to a Mysql user. And the passwords aren't stored anymore inside the User table of the repository, but they are encrypted by Mysql and stored in the Mysql system tables, which is much more secure.
But to prevent users from connecting to Mysql and querying the repository from another tool than Goozzee (and thus bypassing the security restrictions that are set on the various topics and documents of your topic map), the passwords are modified by Goozzee, without the users knowing it : they're prefixed with the value that was entered during the repository initialization phase.

Beware that this detail can become annoying if you're hosting multiple repositories on the same Mysql server : either you'll have to set the same prefix value for all your repositories, or you'll have to use different user names, in order to avoid conflicts between users of different repositories.