Quick Links

Re: How to allow users to log on only from my application not from pgadmin

From:	Bruno Wolff III <bruno(at)wolff(dot)to>
To:	Andrus <kobruleht2(at)hot(dot)ee>
Cc:	pgsql-general(at)postgresql(dot)org
Subject:	Re: How to allow users to log on only from my application not from pgadmin
Date:	2007-01-30 19:06:03
Message-ID:	20070130190603.GA13616@wolff.to
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

On Sun, Jan 28, 2007 at 23:46:27 +0200,
Andrus <kobruleht2(at)hot(dot)ee> wrote:
> My application implements field and row level security.
> I have custom table of users where user privileges are described.
>
> However user can login directly to database using pgAdmin. This bypasses
> the security.
>
> How to allow users to login only from my application ?
> I think I must create server-side pgsql procedure for login validation.

Run the application on a machine you control. Then the application can
authenticate without the users being able to steal or piggyback on its
credentials.

In response to

How to allow users to log on only from my application not from pgadmin at 2007-01-28 21:46:27 from Andrus

Responses

Re: How to allow users to log on only from my application not from pgadmin at 2007-01-30 19:12:16 from Andrus
Re: How to allow users to log on only from my application not from pgadmin at 2007-01-30 22:20:17 from Raymond O'Donnell

Browse pgsql-general by date

	From	Date	Subject
Next Message	Tony Caduto	2007-01-30 19:11:15	Re: Any Plans for cross database queries on the same server?
Previous Message	Mark Walker	2007-01-30 18:55:39	Re: Problem loading pg_dump file