Home > mailing lists

Re: Authentication method for web app - Mailing list pgsql-general

From	Leonardo F
Subject	Re: Authentication method for web app
Date	May 14, 2010 13:24:48
Msg-id	107910.57974.qm@web29019.mail.ird.yahoo.com Whole thread Raw
In response to	Re: Authentication method for web app (Scott Mead <scott.lists@enterprisedb.com>)
Responses	Re: Authentication method for web app (Ivano Luberti <luberti@archicoop.it>)
List	pgsql-general

Tree view

>I think this point number 2 is pretty important. If at all possible, keep
> the webapp separate from the database, and keep the database
> server on a fairly restrictive firewall.  This means that someone has
> got to get in to the webapp, then hop to the database server, it just
> adds another layer of mis-direction for any would-be evil doers.


Which are the authentication methods "recommended" in this
scenario? It sounds to me that no matter the auth mechanism,
if a user can connect to the webapp server with the user that runs
the webapp there's no way of avoiding the connection to the db
(since the user will then be free to see/do whatever the webapp was
seeing/doing).

pgsql-general by date:

From: Scott Mead
Date: 14 May 2010, 11:09:18
Subject: Re: autovacuum: 50% iowait for hours

From: x y
Date: 14 May 2010, 13:31:56
Subject: appending items to record variable

Re: Authentication method for web app - Mailing list pgsql-general

Previous

Next