Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
Re: How to allow users to log on only from my application not from pgadmin
- From: Bruno Wolff III <bruno(at)wolff(dot)to>
- To: Andrus <kobruleht2(at)hot(dot)ee>
- Cc: pgsql-general(at)postgresql(dot)org
- Subject: Re: How to allow users to log on only from my application not from pgadmin
- Date: Tue, 30 Jan 2007 13:06:03 -0600
- Message-id: <20070130190603(dot)GA13616(at)wolff(dot)to>
On Sun, Jan 28, 2007 at 23:46:27 +0200, Andrus <kobruleht2(at)hot(dot)ee> wrote: > My application implements field and row level security. > I have custom table of users where user privileges are described. > > However user can login directly to database using pgAdmin. This bypasses > the security. > > How to allow users to login only from my application ? > I think I must create server-side pgsql procedure for login validation. Run the application on a machine you control. Then the application can authenticate without the users being able to steal or piggyback on its credentials.
- Follow-Ups:
- Re: How to allow users to log on only from my application not from pgadmin
- From: Raymond O'Donnell
- Re: How to allow users to log on only from my application not from pgadmin
- From: Andrus
- Re: How to allow users to log on only from my application not from pgadmin
- References:
- Prev by Date: Re: Problem loading pg_dump file
- Next by Date: Re: Any Plans for cross database queries on the same server?
- Previous by thread: Re: How to allow users to log on only from my application
- Next by thread: Re: How to allow users to log on only from my application not from pgadmin
- Indexes: