Re: Philosophical question

From: Andreas <maps(dot)on(at)gmx(dot)net>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: Philosophical question
Date: 2011-12-14 17:16:23
Message-ID: 4EE8D9E7.3030409@gmx.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Am 14.12.2011 14:28, schrieb Craig Ringer:
> On 14/12/2011 8:32 PM, Andreas wrote:
>> Hi,
>>
>> I asked elsewhere about the best way to store db credentials within a
>> user-session of a web-app.
>>
> Where? Link?

Well, it was on the general list of php.net.
I read your link and understood your not a particular fan of PHP.
I'm not exactly dogmatic about PHP either. It's just the first approach
to the web-app topic for me. One has to start somewhere. :-}

I'll need to let some specific external users access our PG DB that up
until now uses a MS-Access frontend.
PHP seemed to be the easiest approach without having to mess around with
ASP or JAVA and all this.

>> It appeared that it was for everybody but me evident that instead of
>> heaving a db-role+passwd for every user of an application it was
>> better to have just 1 set of db-credentials for the application and
>> recreate a user management within the app instead using the existing
>> user handling of the dbms.
> I usually prefer a hybrid, where the app logs in with a particular
> role with limited rights then does a SET ROLE to the app user it's
> currently operating as. Related to:
>
> http://stackoverflow.com/questions/8432636/in-postgresql-are-partitions-or-multiple-databases-more-efficient/8439618#8439618
>

I wasn't aware of the possibility to switch roles, yet.
I'll explore this in more detail.

Thanks

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Carlos Mennens 2011-12-14 17:52:23 Locking Tables & Backup Inquiry
Previous Message Albe Laurenz 2011-12-14 16:01:11 Re: Philosophical question