On Sun, Jul 24, 2011 at 2:36 PM, Mario Puntin <mariomop@xxxxxxxxx> wrote: > > Hi everybody: > I searched the web trying to find an answer to this, but found none. I have > a postgresql server and a database, and I granted access to some users. > However I want them to access the data only through some specific client > application. I do not want them to have access through psql or some other > kind of client app. But, as I created them a user/pass they could use them. > What would you do? > Thanks in advance. > > The key thing is that you are going to have to have some way to restrict access. The protocol itself does not include any way of authenticating the application per se to be an approved one (and that is a challenging task if attempted, probably impossible to do securely). So what that leaves is the ability to restrict access based on incoming connection characteristics. This probably means some sort of middleware serving the app, and other connections being denied in the pg_hba.conf Best Wishes, Chris Travers -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
