Skip site navigation (1) Skip section navigation (2)

Custom security through functions.

From: Sten Daniel Sørsdal <lists(at)wm-access(dot)no>
To: pgsql-novice(at)postgresql(dot)org
Subject: Custom security through functions.
Date: 2005-09-26 07:12:35
Message-ID: 43379F63.9050302@wm-access.no (view raw or flat)
Thread:
Lists: pgsql-novice
Hi

I wish it add my own layer of security based primarily on username and
password for a PHP application. Basically i wish to perform
authentication through my own PL/PGSQL function that should set some
kind of session only variable. This variable should then be used as
security token in the following functions (they work as a middle layer
between application and the actual tables performing the actual queries)
be checked for simple validity. Functions are executed with function
authors privileges only.

My problem is that i havent identified what kind of variable type (if
any) i can use that a session may not just set on it's own (can i block
this with ACL?). Perhaps some kind of temporary table? Are there any
kinds that would expire as soon as session is over?

-- 
Sten Daniel Sørsdal

pgsql-novice by date

Next:From: Gnanavel SDate: 2005-09-26 13:24:08
Subject: Re: Init script
Previous:From: Wye Jon LeeDate: 2005-09-26 06:36:55
Subject: Re: Question regarding pg_restore

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group