> My suggestion is "don't do that". > I tried to do it once, years ago, and regretted it deeply.
Do you mean "don´t try to fake postgres´ authorisation" (which i don´t want to), or "don´t set up your webservice so that users will recieve data according to their own rights in the database, where each frontend user equals a database user" (which i do want to)?