> On Wednesday 02 June 2004 02:04, BARTKO Zoltan wrote: >> I would appreciate anyone wiser than me to comment on the following: >> >> I am making an app for PostgreSQL (the server). The clients are >> connecting through the same single user. ... >> >> If I want to access a function (like do this or that with data), I >> use a stored function and pass the id# of the user plus all the >> necessary things. First, I check if the person is authorized to carry >> out the operation. if so, the operation is performed. >> >> There are users, who are administrators. Thus, they are allowed to do >> anything. >> > You can probably use set session authorization. Here are some brief > steps. > > 1. Convert all your users as postgresql database users
If he's going to do this, why bother with hard-coding a single user id and password in the application -- why not have the user log in as their defined Postgresql user, and let the data base handle all the security and permission issues? --Berend Tober ---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faqs/FAQ.html