> The more I think about it, the more I think a proxy app is necessary.
> It seems like a lot of work just for security issues, but basically most
> web based database apps use this model, with the web application acting
> as a proxy between the database and the client.

This is how I've seen it done on almost every application I've worked on. If you have multiple apps hitting a single DB, usually each application has its own role. But user-level security is controlled at the application level.

Although I don't think there's anything *wrong* with having a role-per-user (it could provide an "extra" layer of security), I think it's much more flexible to define security in the application/business logic layer.

That being said, we shouldn't get too wound up over this "limitation" of PostgreSQL until someone finds that there really is some real-world performance issue. AFAIK, everything in this thread is theoretical.

Cheers,
Jeremy Haile
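The model described in this message (one database role per application, end users handled in the application layer), sketched for PostgreSQL as an added example that is not part of the original post. All role, table and column names are hypothetical, and the user id passed at the end is a constructed value.

```sql
-- One login role per application; end users never get a database role.
-- Credentials are assumed to be set separately (ALTER ROLE ... PASSWORD, pg_hba.conf).
CREATE ROLE orders_app  LOGIN;
CREATE ROLE reports_app LOGIN;

-- End users are rows owned by the application, not entries in pg_roles.
CREATE TABLE app_user (
    user_id  integer PRIMARY KEY,
    username text    NOT NULL UNIQUE,
    is_admin boolean NOT NULL DEFAULT false
);

CREATE TABLE customer_order (
    order_id integer       PRIMARY KEY,
    owner_id integer       NOT NULL REFERENCES app_user (user_id),
    total    numeric(10,2) NOT NULL
);

-- Database layer: coarse limits on what each application can do at all.
GRANT SELECT                 ON app_user       TO orders_app, reports_app;
GRANT SELECT, INSERT, UPDATE ON customer_order TO orders_app;
GRANT SELECT                 ON customer_order TO reports_app;  -- read-only app

-- Application layer: the user-level rule lives in the query the application
-- issues. $1 is the id of the authenticated end user, taken from the
-- application's own session and always passed as a bound parameter.
PREPARE orders_visible_to (integer) AS
SELECT o.order_id, o.total
FROM   customer_order o
JOIN   app_user u ON u.user_id = $1
WHERE  o.owner_id = u.user_id   -- a user sees their own orders
   OR  u.is_admin;              -- an application-level admin sees all

EXECUTE orders_visible_to(42);  -- 42 is a constructed user id
```

The grants bound the damage if one application's credentials leak, while the per-user rule can change with the business logic without touching database roles.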