Re: protecting database from internet access

From: "ashish srivastava" <ashu_shri(at)hotmail(dot)com>
To: pgsql-admin(at)postgresql(dot)org
Subject: Re: protecting database from internet access
Date: 2005-10-13 05:36:23
Message-ID: BAY111-F338D7FABECCB3EE6F981689F7A0@phx.gbl
Lists: pgsql-admin

Hi,

I have to design authentication and authorization tables in the PostgreSQL
database depending on the roles of the users. What strategy should I follow?
The transaction is going to be as secure as possible, i.e. HTTPS and SSL enabled.

Can you help with some examples?

Thanks,
Ashish

>From: "codeWarrior" <gpatnude(at)hotmail(dot)com>
>To: pgsql-admin(at)postgresql(dot)org
>Subject: Re: [ADMIN] protecting database from internet access
>Date: Wed, 12 Oct 2005 08:13:31 -0700
>
> From the PostgreSQL docs:
> 16.7. Secure TCP/IP Connections with SSL
> 19.1. The pg_hba.conf file
> 19.2. Authentication methods
>   19.2.1. Trust authentication
>   19.2.2. Password authentication
>   19.2.3. Kerberos authentication
>   19.2.4. Ident-based authentication
>   19.2.5. PAM Authentication
> 19.3. Authentication problems
>
>"ashish srivastava" <ashu_shri(at)hotmail(dot)com> wrote in message
>news:BAY111-F137A8BA63A48E213E01AF59F7B0(at)phx(dot)gbl(dot)(dot)(dot)
> > hi,
> >
> > please do the needful..
> >
> > I am using J2EE on the server side and PostgreSQL as the database to
> > connect. This database is exposed to the internet.
> >
> > The user is shown a login page in which the user enters their username and
> > password. Password authentication takes place. This password is
> > authenticated on the basis of the password field in the userprofile table.
> >
> > Some questions:
> > 1) Can anybody tell me how to do this so that the database is as secure
> > as possible on the internet?
> > 2) Should I have a different password (login password) for the connection
> > string? Or should the connection string password be the same and
> > authentication be done by fetching the password value from the
> > userprofile table for the corresponding user?
> > 3) Encrypting the password?
> > 4) Adding the password in the session so that once authentication is done
> > the user is allowed authorization for different resources such as
> > databases, tables etc.
> > 5) Providing some SSL or tunneling to the database?
> >
> > Please help with some examples.
> >
> > I am presently using pgAdmin III for PostgreSQL on Windows. Later on I
> > might switch to Linux.
> >
> > I have read about the pg_hba.conf file, but these things are not clear to
> > me.
> >
> > Thanks,
> > Ashish