I´m envolved in developping a website that will function as a frontend for psql 8.1 cluster. We use a number of frontend technologies, and we want to keep the authentication in the backend. Not a system where the frontend queries a table to verify username password, sets the priviliges on the front end and logs in as a superuser on the backend. So we need to have username and password ready at a lot of moments, too many for a user to type it in all the time.
Since we´re on a very tight time schema, we don´t want to implemt LDAP just yet, since it will complicate things (even) more. Especially synchronising user (role) changes between PostgreSQL and the LDAP server seems tricky, since the database cluster stills keeps its pg_authid tables (right?). So as a temporary compromise, we decided to store the username and password in a cookie on the client PC, which is of course a serious weakness.
Can anyone give me some advise on how to do this a better way, without consuming too much time, or is this the best thing to do in such a situation?
