Re: Best practice? Web application: single PostgreSQL
| От | Martin Marques |
|---|---|
| Тема | Re: Best practice? Web application: single PostgreSQL |
| Дата | |
| Msg-id | 1074096623.400569efec7c8@bugs.unl.edu.ar обсуждение исходный текст |
| Ответ на | Re: Best practice? Web application: single PostgreSQL ("scott.marlowe" <scott.marlowe@ihs.com>) |
| Список | pgsql-general |
Mensaje citado por "scott.marlowe" <scott.marlowe@ihs.com>:
> > 1) have the web server connecting to the database using its own user
> > account (possibly through ident), and controlling access to different
> > database entities strictly through the application itself
[snip]
> I do 1. different language (PHP) same basic thing though. All security
> is handled by ACLS I build myself in Postgresql and interrogate via my own
> application.
In the case of PHP there are very nice ACL stuff in PEAR, like PEAR::Auth.
I personally do all the auth stuff by myself (table with users, table with
function, table with permissions, etc.), just like Scott. :-)
--
select 'mmarques' || '@' || 'unl.edu.ar' AS email;
---------------------------------------------------------
Martín Marqués | Programador, DBA
Centro de Telemática | Administrador
Universidad Nacional
del Litoral
---------------------------------------------------------
В списке pgsql-general по дате отправления: