I'm trying to understand the extent that row level security in postgresql 9.5 may replace, or augment, application-level access control.
I have a fully implemented application-level access control policy. It's not clear to me how I will integrate or replace it with RLS.
Craig Ringer mentioned in a blog post:
"Most importantly, row-security is pluggable – in addition to looking policies up from the system catalogs, it’s also possible to use a policy hook to supply arbitrary policy from extensions. "
It seems that my options will be to record authorization into the catalog or write an extension?
Thanks
Darin