All:
Are there any frameworks / toolkits available, possibly as established
F/OSS projects, for web applications using PHP+PostgreSQL?
sf.net/google comes up short -- a few XML services and Perl+PgSQL hits.
By 'application server', as a marketing wank-word gleaned from
Oracle/IBM/BEA, essentially constituted by:
*) Templates for common data structures
*) Centralized deployment of applications as 'modules' using
a shared foundation
*) A row-level / user-level ('view based') object security model
*) Corporate Directory / Backend Integration (LDAP, Kerberos, PAM, NSS)
If such a project doesn't exist, I propose instantiating one.
#1 and #2 are easy. #3 and #4 are showstoppers.
== Monolith Security Model ==
WRT security, the "monolithic security model", whereby:
- The application on your web systems connects as a proxy/meta
'application user' role to PostgreSQL
- Who has unlimited authorization privileges
- Data access security is enforced entirely in-code
There is no shortage of discussion on the topic in the list archives,
but no conclusive answer documented anywhere on a commonly accepted
mode.
This is the kind of security model still recommended by 99% of the
PHP/PostgreSQL books on the market, and it keeps the "IT auditor"
industry alive.
== Directory / Corporate Integration ==
WRT to LDAP/Kerberos, but mostly LDAP these days, the current PostgreSQL
authentication framework allows one to proxy _authentication_ requests
to a corporate LDAP system (we'll call this the 'pam_ldap' aspect) --
However, no equivalent of the 'nss_ldap' functionality exists -- e.g.,
automatic population of group/role membership from LDAP groups and/or
CN= attribute/value pair mapping into pg_catalog.pg_roles rows.
That would be a big boost...
---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster
