From: | "Willy-Bas Loos" <willybas(at)gmail(dot)com> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Subject: | password cookie |
Date: | 2006-10-25 13:49:54 |
Message-ID: | 1dd6057e0610250649u6bfb9b84ref9bd80db349ea82@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Hi,
I´m envolved in developping a website that will function as a frontend for
psql 8.1 cluster.
We use a number of frontend technologies, and we want to keep the
authentication in the backend. Not a system where the frontend queries a
table to verify username password, sets the priviliges on the front end and
logs in as a superuser on the backend. So we need to have username and
password ready at a lot of moments, too many for a user to type it in all
the time.
Since we´re on a very tight time schema, we don´t want to implemt LDAP just
yet, since it will complicate things (even) more. Especially synchronising
user (role) changes between PostgreSQL and the LDAP server seems tricky,
since the database cluster stills keeps its pg_authid tables (right?).
So as a temporary compromise, we decided to store the username and password
in a cookie on the client PC, which is of course a serious weakness.
Can anyone give me some advise on how to do this a better way, without
consuming too much time, or is this the best thing to do in such a
situation?
From | Date | Subject | |
---|---|---|---|
Next Message | Nico Grubert | 2006-10-25 13:56:17 | Monitoring Postgres - Get the SQL queries which are sent to postgres |
Previous Message | Albe Laurenz | 2006-10-25 13:47:20 | Re: DBI-Link, Oracle, database encoding |