On Sun, 2003-11-09 at 10:52, Daniel Struck wrote: > Hello, > > > I am searching for a secure way to handle client authentication in php towards postgresql. > > Let me explain what I like to setup: > > Client will connect to the application via Apache. > The authentication of the clients will be done over ssl and the certificates of the clients will be stored on smartcards. > (I have written a small documentation how to setup this at www.opensc.org). > Next I will read in the PHP application environment variables of apache to know if the user was correctly authenticated by apache. > > In postgresql I would like to create for every client a user. > Purpose: automatically log every action like update/delete of users by rules without requiring scripts in php. > > The problem I have is to authenticate the client to postgresql. If your actually creating a user inside the database for each user, authentication is handled inside the database and passwords are held inside the database. When your php login script fires off, save the user name/ password into a session and then use that info to build your pg_connect strings. Or maybe I've missed something because this sounds a lot easier to do than your making it out to be. Robert Treat -- Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL