Andrus wrote:
My application implements field and row level security. I have custom table of users where user privileges are described. However user can login directly to database using pgAdmin. This bypasses the security. How to allow users to login only from my application ? I think I must create server-side pgsql procedure for login validation.
What role are your users using to login via PgAdmin? Why not simply deny them access in pg_hba.conf?
Ray. --------------------------------------------------------------- Raymond O'Donnell, Director of Music, Galway Cathedral, Ireland rod@xxxxxx ---------------------------------------------------------------
