Hi,
I need to implement security on the tuple level, so that certain "users"
only have access to certain rows within a table. When I was working with
Oracle I implemented this type of security by creating a logon trigger which
called a function. This function set a context (Oracle object somewhat like
an environment variable, but only for the session) based on the "user_id"
(not db logon) used to log onto the website. Then a policy (Oracle object
which can be used to have a function called every time a table is accessed)
was created on the table. This policy called a function which accessed the
context and used it to build a string that is added on to the accessing
statement's where clause. In this way, without the user knowing, he/she
would only have the ability to select/update/delete their own records.
Is there anything like this, or a good way to implement record level
security in Postgres?
I apologize for the long description.
Thanks for your help!
Darrin
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
