On 18 Jul 2003 at 16:58, Sean Mullen wrote:
> Other projects I've seen use their app for authentication/security
> and bypass/ignore the extremely 'useful' security system built into
> postgresql and build their own security/authentication system.
>
> I'm wondering if the reason for this is:
>
> A) Necessity.
> i.e. Their project frontends run on a mysql backend - and has
> to do 'everything'
That is a strong accusation.
> OR
>
> B) There is some horrible limitation that is going to ruin my day down
> the track
I designed a web app which needed authentication. However since my middleware
was using connection pooling, only way I could authenticate each user was via
pam.
Postgresql supports set session authorisation but while doing so it does not
accept password of new user.
So I was forced to use app. connecting to database as single user and
maintaining it's own authentication database. I had to give up access control
offered by postgresql..:-(
I raised this issue on hacker but it didn't achieve significance anytime. IMO
postgresql needs separate authentication APIs exposed to user where people can
use postgresql authentication in there system without using PAM etc.
Bye
Shridhar
--
COBOL: An exercise in Artificial Inelegance.