| From: | Koen Vermeer <koen(at)vermeer(dot)tv> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Force SSL / username combination |
| Date: | 2007-07-12 14:44:36 |
| Message-ID: | 1184251476.5451.7.camel@localhost |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, 2007-07-09 at 09:05 +0200, Koen Vermeer wrote:
> I want to set up a database server that is connected to the Internet.
> Therefore, I want my users to use SSL/TLS certificates. I provide these
> certificates to the users, so I can control the information that is in
> there. Now, I know that I can set up PostgreSQL to use SSL/TLS, but I am
> unable to find a way to map a SSL/TLS certificate to a specific user.
> Is there a way to set this up? If so, how?
> Thanks for any pointers!
Despite the somewhat less than overwhelming number of replies, I think I
found a way around this. Just in case someone else may be looking for
this:
In contrib, there is something called 'sslinfo', which provides details
of the X509 certificate that was used by the client for the session.
Based on that, I can validate whether a username indeed matches the
certificate, or make sure a user can only get data matching some field
in the table to a field of the certificate, which probably is all I
need.
Koen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Erik Jones | 2007-07-12 14:53:36 | Re: Database corruption: finding the bad block |
| Previous Message | Tom Lane | 2007-07-12 14:40:46 | Re: [GENERAL] Count(*) throws error |