Home > mailing lists

Re: How to allow users to log on only from my application not from pgadmin - Mailing list pgsql-general

From	Bruno Wolff III
Subject	Re: How to allow users to log on only from my application not from pgadmin
Date	January 30, 2007 18:06:23
Msg-id	20070130190603.GA13616@wolff.to Whole thread Raw
In response to	How to allow users to log on only from my application not from pgadmin ("Andrus" <kobruleht2@hot.ee>)
Responses	Re: How to allow users to log on only from my application not from pgadmin (Raymond O'Donnell <rod@iol.ie>)
List	pgsql-general

Tree view

On Sun, Jan 28, 2007 at 23:46:27 +0200,
  Andrus <kobruleht2@hot.ee> wrote:
> My application implements field and row level security.
> I have custom table of users where user privileges are described.
>
> However user can login directly to database using pgAdmin. This bypasses
> the security.
>
> How to allow users to login only from my application ?
> I think I must create server-side pgsql procedure for login validation.

Run the application on a machine you control. Then the application can
authenticate without the users being able to steal or piggyback on its
credentials.

pgsql-general by date:

From: Mark Walker
Date: 30 January 2007, 17:55:51
Subject: Re: Problem loading pg_dump file

From: Tony Caduto
Date: 30 January 2007, 18:11:23
Subject: Re: Any Plans for cross database queries on the same server?

Re: How to allow users to log on only from my application not from pgadmin - Mailing list pgsql-general

Previous

Next