| From: | "Ben Trewern" <ben(dot)trewern(at)_nospam_mowlem(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Webappication and PostgreSQL login roles |
| Date: | 2007-04-04 08:06:42 |
| Message-ID: | euvma6$255j$1@news.hub.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
I think it's something like SELECT 'md5' + md5(password + username);
Regards,
Ben
"Thorsten Kraus" <TK-Spam(at)gmx(dot)de> wrote in message news:46127989(dot)6000409(at)gmx(dot)de(dot)(dot)(dot)
This would be a possible way. Now the question is which algorithm implementation of md5 PostgreSQL uses...
Bye,
Thorsten
Ben Trewern schrieb:
You could originally connect to the database as some kind of power user.
Check the password against the pg_shadow view (you would need to md5 your
password somehow) and then do a SET SESSION AUTHORIZATION (or SET ROLE) to
change your permissions. Not sure how secure this would be but it's the way
I would try.
Regards,
Ben
"Thorsten Kraus" <TK-Spam(at)gmx(dot)de> wrote in message
news:46124F74(dot)3000302(at)gmx(dot)de(dot)(dot)(dot)
Hi,
thanks for your answer. I cant use the username/password in my DSN because
I don't connect directly via JDBC to the database. I use hibernate for all
database actions. The username and password has to be stored in the
hibernate configuration file...
Bye,
Thorsten
Lutz Broedel schrieb:
Can you not use the username/password as part of the DSN?
Regards,
Lutz Broedel
---------------------------(end of broadcast)---------------------------
TIP 6: explain analyze is your friend
---------------------------(end of broadcast)---------------------------
TIP 6: explain analyze is your friend
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tommy Gildseth | 2007-04-04 09:34:22 | Re: UPDATE on two large datasets is very slow |
| Previous Message | marcel.beutner | 2007-04-04 07:14:39 | newid() in postgres |