From: | Erik Jones <erik(at)myemma(dot)com> |
---|---|
To: | greg(at)thursday(dot)com |
Cc: | pgsql-general(at)postgresql(dot)org, lgfausak(at)gmail(dot)com |
Subject: | Re: Maximum realistic number of database user accounts? |
Date: | 2008-02-14 18:35:15 |
Message-ID: | B9CDB44A-74A7-4C7C-B1DF-22AA553F6E15@myemma.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Feb 14, 2008, at 11:16 AM, Greg Fausak wrote:
> Howdy,
>
> I find that user accounts are very good for
> helping me protect application access to the database.
> That is, instead of giving a user 1 account, I may give hem
> 10, and each of those accounts are restricted in the database
> in different ways. Anyway, I'm wondering what the maximum number of
> user accounts can
> be in a postgres database?
>
> Can I create a database with 1 million login roles and expect
> performance to
> be good? 10 million?
>
> Thanks,
> -g
You really expect your users to remember 10 different logins? No
offense, but that's crazy talk and a user management nightmare. What
you should probably be doing is:
1. Give each user 1 login role (a user account) (probably with
INHERIT privileges).
2. Create non-login roles (groups) for each set of privileges that
user can have and make your grants/revokes here.
3. Grant membership to your user roles in which ever group roles are
appropriate for them.
3a. If you've given the login roles INHERIT privileges then they'll
automatically inherit the privileges of whatever group roles they now
have membership in.
Erik Jones
DBA | Emma®
erik(at)myemma(dot)com
800.595.4401 or 615.292.5888
615.292.0777 (fax)
Emma helps organizations everywhere communicate & market in style.
Visit us online at http://www.myemma.com
From | Date | Subject | |
---|---|---|---|
Next Message | Christopher Browne | 2008-02-14 18:37:32 | Re: Maximum realistic number of database user accounts? |
Previous Message | Nathan Wilhelmi | 2008-02-14 18:33:44 | Re: Deferred constraints and locks... |