Обсуждение: Security, IP and username restrictions
Hi, I´m very new to Postgres and I need some help with following: Is it possible to restrict user rights by using both username and password and IP address. I have a situation where same user accessing the database from different locations (IP addresses) must have different user rights. This means, that same user in different locations would see different ammount of data. I know I can build this easily to the web based front-end, but I´d like to make the restriction in Postgres too. thanks! -Tuomas
pg_hba.conf can restrict specific IP's to particular databases. I don't know if it goes down to the table level though. ----- Original Message ----- From: "Tuomas Vanhanen" <Tuomas@TuomasVanhanen.com> Date: Tue, 23 Jul 2002 17:35:24 +0300 To: <pgsql-novice@postgresql.org> Subject: [NOVICE] Security, IP and username restrictions > Hi, > > I´m very new to Postgres and I need some help with following: > > Is it possible to restrict user rights by using both username and password > and IP address. > > I have a situation where same user accessing the database from different > locations (IP addresses) must have different user rights. This means, that > same user in different locations would see different ammount of data. I know > I can build this easily to the web based front-end, but I´d like to make the > restriction in Postgres too. > > thanks! > > -Tuomas > > > > ---------------------------(end of broadcast)--------------------------- > TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org > > -- _______________________________________________ Get your free email from http://www.graffiti.net Powered by Outblaze
Tuomas, > I have a situation where same user accessing the database from different > locations (IP addresses) must have different user rights. This means, that > same user in different locations would see different ammount of data. I know > I can build this easily to the web based front-end, but I´d like to make the > restriction in Postgres too. This is not currently implemented in Postgres. Currently, pg_hba.conf restricts IP address access, and user rights in the database define individual table access. These two security mechanisms do not interact. As such, you will need to use a custom solution in either your front-end code, or by using the PostgreSQL RULEs system to restrict access. -- -Josh Berkus Aglio Database Solutions San Francisco