Search Postgresql Archives

PostgreSQL authentication as my application's authentication.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

I'm developing a web application, I normally write the authentication using a database table for usernames and passwords, I would like to implement this app using postgresql's authentication, the user types his user/pass and that's the user/pass used for database connectivity, so each user are guaranteed to only be able to read or write data on tables they are allowed instead using a single database user with read/write access to everything and checking before performing an action to see if the user is allowed.

I own the server on which this would run, so I'm ok with creating the users and setting up the privileges using the psql prompt, but I do not know this isn't a good idea in servers where I don't have a superuser, because a user with a "create user" role becomes a superuser and has read/write access to the entire server's database.

Can anybody tell me more about this, what should I do? which is the best aproach? Do I need to provide more information?

Thanks in advance.

Sergio Duran.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux