From: | Chris Travers <chris(dot)travers(at)gmail(dot)com> |
---|---|
To: | Mario Puntin <mariomop(at)gmail(dot)com> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: Disallow access from psql, or allow access only from specific client app |
Date: | 2011-07-24 21:52:29 |
Message-ID: | CAKt_Zft-VQDTXq08bcUZVrJabh808Kbpr22AS7i+HQbX7+hRBA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Sun, Jul 24, 2011 at 2:36 PM, Mario Puntin <mariomop(at)gmail(dot)com> wrote:
>
> Hi everybody:
> I searched the web trying to find an answer to this, but found none. I have
> a postgresql server and a database, and I granted access to some users.
> However I want them to access the data only through some specific client
> application. I do not want them to have access through psql or some other
> kind of client app. But, as I created them a user/pass they could use them.
> What would you do?
> Thanks in advance.
>
>
The key thing is that you are going to have to have some way to
restrict access. The protocol itself does not include any way of
authenticating the application per se to be an approved one (and that
is a challenging task if attempted, probably impossible to do
securely).
So what that leaves is the ability to restrict access based on
incoming connection characteristics. This probably means some sort of
middleware serving the app, and other connections being denied in the
pg_hba.conf
Best Wishes,
Chris Travers
From | Date | Subject | |
---|---|---|---|
Next Message | Chris Curvey | 2011-07-24 22:21:30 | Re: Disallow access from psql, or allow access only from specific client app |
Previous Message | Lonni J Friedman | 2011-07-24 21:48:31 | Re: Disallow access from psql, or allow access only from specific client app |