| From: | elwood(at)agouros(dot)de (Konstantinos Agouros) |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | General Security-Question |
| Date: | 2001-06-18 20:26:22 |
| Message-ID: | elwood.992895619@news.agouros.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi,
I am currently developing a software that should replace our hated excel-time-
sheets. My problem is the following: I have an javaapplet for dataentry that
connects to the database via jdbc. There is a table that holds the data (who
worked what when). So far so good, but:
Since I must grant update/insert/delete access to this table to everybody
that can use this application, how can I stop people from updating the data
of the others. The one thing that came to my mind was not creating database-
users but instead use a static user, and let the application handle the logic
who can access which lines in the database (its also a matter of dataprivacy,
one should be allowed to watch one's own data but not of the others, the team-
manager should see the data of the team etc). The read-access can be implemen-
ted using views but I don't see much other way for data-entry. Somebody has an
idea?
Konstantin
--
Dipl-Inf. Konstantin Agouros aka Elwood Blues. Internet: elwood(at)agouros(dot)de
Otkerstr. 28, 81547 Muenchen, Germany. Tel +49 89 69370185
----------------------------------------------------------------------------
"Captain, this ship will not sustain the forming of the cosmos." B'Elana Torres
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2001-06-18 20:34:46 | Re: Apache with PHP and PGSQL crashing ... |
| Previous Message | Thomas Seifert | 2001-06-18 20:24:24 | Re: Apache with PHP and PGSQL crashing ... |