| From: | Daniel Struck <struck(dot)d(at)retrovirology(dot)lu>(by way of Daniel Struck <struck(dot)d(at)retrovirology(dot)lu>) |
|---|---|
| To: | Mariusz Pekala <skoot(at)qi(dot)pl> |
| Cc: | pgsql-php(at)postgresql(dot)org |
| Subject: | Re: client authentication towards postgresql in php? |
| Date: | 2003-11-12 15:29:57 |
| Message-ID: | 20031112162957.34737701.struck.d@retrovirology.lu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-php |
> If you want only the logging ability, you may try to handle authentication
> inside the database. I mean:
> - - connect to PG database as one user (apache)
> - - make every PHP script create a temporary table with username
> just after establishing the connection:
> CREATE TEMPORARY TABLE logged_user (username varchar);
> INSERT INTO logged_user VALUES ('username');
> - - prepare triggers that log every modification to every table you're
> interested in. The trigger procedure(s) should get the data from that
> temporary table and use it to store who's doing the modifications.
> If the table does not exists, fire an exception inside the trigger
> procedure. This will ensure that only logged users will success with
> modifications.
thanks for this nice workaround :-), I will use it if i can't integrate the apache module "mod_kct" in my setup.
(mod_kct, http://www.citi.umich.edu/projects/kerb_pki/)
Daniel
--
Retrovirology Laboratory Luxembourg
Centre Hospitalier de Luxembourg
4, rue E. Barblé
L-1210 Luxembourg
phone: +352-44116105
fax: +352-44116113
web: http://www.retrovirology.lu
e-mail: struck(dot)d(at)retrovirology(dot)lu
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruno Wolff III | 2003-11-13 22:13:51 | Re: client authentication towards postgresql in php? |
| Previous Message | Mariusz Pekala | 2003-11-12 13:55:47 | Re: client authentication towards postgresql in php? |