Forgive me if this is a basic and trivial (i.e., stupid) question. I haven't been using postgres very long, and I'm not an experienced database system developer.
I noticed that there is a very powerful group-based security feature in postgres. Very nice - I like it alot. So one way to implement security constraints is to define appropriate groups, assign memobership of users to those groups, and then assign group-based permissions to the assorted database objects (e.g., tables). Fantastic! However, ... this requires each entity accessing the databse to be defined as a user. In the context of a web application, this paradigm doesn't necessarily make sense since there may be many unknown users. Somehow those users must be mapped to a "role." I suppose you can map all unknown users into the user "guest" and then define guest privileges appropriately. Is this a good approach? Is there better way to do this? Is there an altnerate way to consider? -- % Randy Yates % "My Shangri-la has gone away, fading like %% Fuquay-Varina, NC % the Beatles on 'Hey Jude'" %%% 919-577-9882 % %%%% <[EMAIL PROTECTED]> % 'Shangri-La', *A New World Record*, ELO http://home.earthlink.net/~yatescr ---------------------------(end of broadcast)--------------------------- TIP 9: the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
