Re: How to allow users to log on only from my application not from pgadmin - Mailing list pgsql-general

From Bruno Wolff III
Subject Re: How to allow users to log on only from my application not from pgadmin
Date
Msg-id 20070130190603.GA13616@wolff.to
Whole thread Raw
In response to How to allow users to log on only from my application not from pgadmin  ("Andrus" <kobruleht2@hot.ee>)
Responses Re: How to allow users to log on only from my application not from pgadmin
List pgsql-general
On Sun, Jan 28, 2007 at 23:46:27 +0200,
  Andrus <kobruleht2@hot.ee> wrote:
> My application implements field and row level security.
> I have custom table of users where user privileges are described.
>
> However user can login directly to database using pgAdmin. This bypasses
> the security.
>
> How to allow users to login only from my application ?
> I think I must create server-side pgsql procedure for login validation.

Run the application on a machine you control. Then the application can
authenticate without the users being able to steal or piggyback on its
credentials.

pgsql-general by date:

Previous
From: Mark Walker
Date:
Subject: Re: Problem loading pg_dump file
Next
From: Tony Caduto
Date:
Subject: Re: Any Plans for cross database queries on the same server?