On Wed, Nov 12, 2003 at 11:26:03 +0100,
Daniel Struck <struck(dot)d(at)retrovirology(dot)lu> wrote:
> On Tue, 11 Nov 2003 12:47:52 -0600
> Bruno Wolff III <bruno(at)wolff(dot)to> wrote:
> > If you trust the host the php/web server runs on you may be able to use
> > trust authentication. If you don't trust all of the users on that host
> > then you can use ident authentication, though if the db server and php/web
> > server aren't the same host using identd may slow things down too much.
> The web application, which will make the connection to the database, is normally running under the user apache, so I don't think I could use the ident method?
Sure you can. If you trust the apache user, you can use ident authentication
to allow it to connect as any of the valid users. It may be in your case
that you can't trust the apache user, but we don't know enough about your
setup to be able to tell that.
In response to
pgsql-php by date
|Next:||From: Noel||Date: 2003-11-18 02:33:30|
|Subject: Cancel a query when user leaves a web page|
|Previous:||From: Daniel Struck||Date: 2003-11-12 15:29:57|
|Subject: Re: client authentication towards postgresql in php?|