Search Postgresql Archives

Re: How to allow users to log on only from my application

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>> My application implements field and row level security.
>> I have custom table of users where user privileges are described.
>>
>> However user can login directly to database using pgAdmin. This bypasses
>> the security.
>>
>> How to allow users to login only from my application ?
>> I think I must create server-side pgsql procedure for login validation.
>
> What role are your users using to login via PgAdmin?

Users should always login  form my application only.
pgAdmin login is reserved only for sysadmins who login as user postgres 
always.

> Why not simply deny  them access in pg_hba.conf?

I have 5432 port opened to public internet and users use my application from 
internet.

pg_hba doesn't allow access per application basics.

Denying acces from pg_hba.conf  also denies access from my application.

Andrus.




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux