>
> Eze Ogwuma writes:
> > Bruce Momjian <maillist@candle.pha.pa.us> writes:
> > > Can you be specific? Something I can add to the TODO list.
> >
> > Database based access for users so that each user can be giving access
> > to a particular database only. More permissions for each databse user:
> > Create, Drop, Select, Insert etc. Possibly table based
> > authentification as well.
>
> I needed to do that for the web database that I'm setting up. We have
> 20000 users and each (potentially) needs a separate database which is
> only accessible to them. Rather than having 20000 lines in pg_hba.conf,
> I've patched Postgres so that the special token "%username" in the
> database field of pg_hba.conf allows access only to the username which
> is connecting. (I chose the leading "%" so that it couldn't clash with
> a real database name.) Since the patch is against 6.1 rather than
> 6.2beta, I hadn't made it public. Here it is in case it's of interest.
I have re-generated this patch for the current source, and changed
'%username' to 'sameuser'. I added documentation in pg_hba.conf.
Patch applied. This is a nice feature.
--
Bruce Momjian | 830 Blythe Avenue
maillist@candle.pha.pa.us | Drexel Hill, Pennsylvania 19026
+ If your life is a hard drive, | (610) 353-9879(w)
+ Christ can be your backup. | (610) 853-3000(h)