On Tue, Nov 11, 2003 at 14:54:25 +0100, Daniel Struck <struck.d@xxxxxxxxxxxxxxxx> wrote: > > The problem is, I don't have a password available in php. > The users are authenticated with x509 certificats and a private key, not a password. The private key is stored on a smartcard and never leaves it, the smartcard itself handles the authentication with apache. > > Problem now is, I want to authenticate the user with postgresql, to be able to log what the user is doing in postgresql itself. > But I don't have a password to authenticate the user. > Thought about using a Kerberos ticket in postgresql, but don't know how to setup this. If you trust the host the php/web server runs on you may be able to use trust authentication. If you don't trust all of the users on that host then you can use ident authentication, though if the db server and php/web server aren't the same host using identd may slow things down too much.
