| From: | Sten Daniel Sørsdal <lists(at)wm-access(dot)no> |
|---|---|
| To: | pgsql-novice(at)postgresql(dot)org |
| Subject: | Custom security through functions. |
| Date: | 2005-09-26 07:12:35 |
| Message-ID: | 43379F63.9050302@wm-access.no |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
Hi
I wish it add my own layer of security based primarily on username and
password for a PHP application. Basically i wish to perform
authentication through my own PL/PGSQL function that should set some
kind of session only variable. This variable should then be used as
security token in the following functions (they work as a middle layer
between application and the actual tables performing the actual queries)
be checked for simple validity. Functions are executed with function
authors privileges only.
My problem is that i havent identified what kind of variable type (if
any) i can use that a session may not just set on it's own (can i block
this with ACL?). Perhaps some kind of temporary table? Are there any
kinds that would expire as soon as session is over?
--
Sten Daniel Sørsdal
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gnanavel S | 2005-09-26 13:24:08 | Re: Init script |
| Previous Message | Wye Jon Lee | 2005-09-26 06:36:55 | Re: Question regarding pg_restore |