| From: | "Darrin Ladd" <darrin_ladd(at)hotmail(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | User security on tuple level |
| Date: | 2000-08-24 14:07:22 |
| Message-ID: | F96SgcOrBLSAQV6uPDV00000a2b@hotmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi,
I need to implement security on the tuple level, so that certain "users"
only have access to certain rows within a table. When I was working with
Oracle I implemented this type of security by creating a logon trigger which
called a function. This function set a context (Oracle object somewhat like
an environment variable, but only for the session) based on the "user_id"
(not db logon) used to log onto the website. Then a policy (Oracle object
which can be used to have a function called every time a table is accessed)
was created on the table. This policy called a function which accessed the
context and used it to build a string that is added on to the accessing
statement's where clause. In this way, without the user knowing, he/she
would only have the ability to select/update/delete their own records.
Is there anything like this, or a good way to implement record level
security in Postgres?
I apologize for the long description.
Thanks for your help!
Darrin
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Vincent Trussart | 2000-08-24 14:25:02 | Quoting affects usage of indices on int8 columns... |
| Previous Message | Alex Guryanow | 2000-08-24 13:44:20 | sorting in UNICODE table |