Re: libpq: passwords WAS: scripting & psql issues - Mailing list pgsql-general

From Bruno Wolff III
Subject Re: libpq: passwords WAS: scripting & psql issues
Date
Msg-id 20040820125956.GB20737@wolff.to
Whole thread Raw
In response to Re: libpq: passwords WAS: scripting & psql issues  (Daniel Martini <dmartini@uni-hohenheim.de>)
List pgsql-general
On Fri, Aug 20, 2004 at 09:43:08 +0200,
  Daniel Martini <dmartini@uni-hohenheim.de> wrote:
>
> No he can't:
> Only if he is able to install a program on the webserver to
> actually login with a hashed password. If he wants to log in over the
> cgi, this won't work, because the hashed value he gained by reading the
> mapping will get hashed again and this will produce a wrong value.
> Direct logins to the database from his machine won't work either, because
> the database only allows connections from the webserver.

If all user logins are done using the webserver then you can have people
authenticate to the cgi application with whatever scheme makes you happy
and then have the cgi application authenticate to postgres using some other
authentication. (Trust would probably be OK if packet spoofing isn't a
significant risk on your local network.)

pgsql-general by date:

Previous
From: Bruno Wolff III
Date:
Subject: Re: need help with copy function
Next
From: Ulrich Wisser
Date:
Subject: Adding missing FROM-clause entry for table "customer"