All: Are there any frameworks / toolkits available, possibly as established F/OSS projects, for web applications using PHP+PostgreSQL? sf.net/google comes up short -- a few XML services and Perl+PgSQL hits. By 'application server', as a marketing wank-word gleaned from Oracle/IBM/BEA, essentially constituted by: *) Templates for common data structures *) Centralized deployment of applications as 'modules' using a shared foundation *) A row-level / user-level ('view based') object security model *) Corporate Directory / Backend Integration (LDAP, Kerberos, PAM, NSS) If such a project doesn't exist, I propose instantiating one. #1 and #2 are easy. #3 and #4 are showstoppers. == Monolith Security Model == WRT security, the "monolithic security model", whereby: - The application on your web systems connects as a proxy/meta 'application user' role to PostgreSQL - Who has unlimited authorization privileges - Data access security is enforced entirely in-code There is no shortage of discussion on the topic in the list archives, but no conclusive answer documented anywhere on a commonly accepted mode. This is the kind of security model still recommended by 99% of the PHP/PostgreSQL books on the market, and it keeps the "IT auditor" industry alive. == Directory / Corporate Integration == WRT to LDAP/Kerberos, but mostly LDAP these days, the current PostgreSQL authentication framework allows one to proxy _authentication_ requests to a corporate LDAP system (we'll call this the 'pam_ldap' aspect) -- However, no equivalent of the 'nss_ldap' functionality exists -- e.g., automatic population of group/role membership from LDAP groups and/or CN= attribute/value pair mapping into pg_catalog.pg_roles rows. That would be a big boost... ---------------------------(end of broadcast)--------------------------- TIP 3: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faq