Thorsten Kraus wrote: > No idea?? You'd need an authenticated user to call that stored procedure in the first place. It is kind of a chicken-and-egg problem. Usually people create a user for the webapp. This user makes the first connection to the database. After that you probably could define a security-definer procedure that handles further authentication (to an actual schema, for example). I have to admit I have never done this myself; but this is what I recall from previous discussions on similar topics. > Thorsten Kraus schrieb: >> Hi, >> >> I designed a Java web application. The persistence layer is a >> PostgreSQL database. The application needs user authentication. >> I think it's a good choice to implement this authentication mechanism >> via PostgreSQL login roles. So I can create several database login >> roles and set the database permissions to this login roles. This is my >> first project with the postgres database, so I don't know how I can >> validate a login from the website. Is there a best practice to do this >> or does PostgreSQL offers a stored procedure like >> 'authenticateUser(String username, String password)'? >> >> Thanks for your help. >> >> Bye, >> Thorsten -- Alban Hertroys alban@xxxxxxxxxxxxxxxxx magproductions b.v. T: ++31(0)534346874 F: ++31(0)534346876 M: I: www.magproductions.nl A: Postbus 416 7500 AK Enschede // Integrate Your World //
