On 14/12/2011 8:32 PM, Andreas wrote:
> Hi,
>
> I asked elsewhere about the best way to store db credentials within a
> user-session of a web-app.
>
Where? Link?
> It appeared that it was for everybody but me evident that instead of
> heaving a db-role+passwd for every user of an application it was
> better to have just 1 set of db-credentials for the application and
> recreate a user management within the app instead using the existing
> user handling of the dbms.
I usually prefer a hybrid, where the app logs in with a particular role
with limited rights then does a SET ROLE to the app user it's currently
operating as. Related to:
http://stackoverflow.com/questions/8432636/in-postgresql-are-partitions-or-multiple-databases-more-efficient/8439618#8439618
--
Craig Ringer
