On second thought, you might be referring to pg_hba.conf?
That would not be applicable for a web-service, since all users would connect through the same IP-adress..
On 1/29/07, Willy-Bas Loos <willybas@gmail.com> wrote:Tom Lane wrote:
>I think that the
>main bottleneck would be the "flat file" that's used to tell the
>postmaster about the set of valid users --- every time a user is
>added/dropped/changed, that file gets rewritten and then re-parsed
>by the postmaster. So you could eat a lot of overhead if you change
>users every few seconds or something like that.
I'm developing the same kind of application right now. We've been successful in programming per-user row-level security, we're quite happy with it. Even if someone should crack our web-server he still could not do anything much with the database, which holds what really matters to us.
I've heard about the performance drawbacks, but never the exact reason for it.
What you describe Tom (flat file), sounds a bit strange to me. Aren't users stored in a table? (pg_catalog.pg_authid)
I guess maybe those (system) tables are stored differently than normal ones?
Willy-Bas
