Re: Disallow access from psql, or allow access only from specific client app - Mailing list pgsql-general

From Chris Travers
Subject Re: Disallow access from psql, or allow access only from specific client app
Date
Msg-id CAKt_Zft-VQDTXq08bcUZVrJabh808Kbpr22AS7i+HQbX7+hRBA@mail.gmail.com
Whole thread Raw
In response to Disallow access from psql, or allow access only from specific client app  (Mario Puntin <mariomop@gmail.com>)
List pgsql-general
On Sun, Jul 24, 2011 at 2:36 PM, Mario Puntin <mariomop@gmail.com> wrote:
>
> Hi everybody:
> I searched the web trying to find an answer to this, but found none. I have
> a postgresql server and a database, and I granted access to some users.
> However I want them to access the data only through some specific client
> application. I do not want them to have access through psql or some other
> kind of client app. But, as I created them a user/pass they could use them.
> What would you do?
> Thanks in advance.
>
>
The key thing is that you are going to have to have some way to
restrict access.  The protocol itself does not include any way of
authenticating the application per se to be an approved one (and that
is a challenging task if attempted, probably impossible to do
securely).

So what that leaves is the ability to restrict access based on
incoming connection characteristics.  This probably means some sort of
middleware serving the app, and other connections being denied in the
pg_hba.conf

Best Wishes,
Chris Travers

pgsql-general by date:

Previous
From: Lonni J Friedman
Date:
Subject: Re: Disallow access from psql, or allow access only from specific client app
Next
From: Chris Curvey
Date:
Subject: Re: Disallow access from psql, or allow access only from specific client app