On 1/21/2017 1:37 PM, Stephen Frost wrote:
* PAWAN SHARMA (er.pawanshr0...@gmail.com) wrote:
So, there is no solution for my first question, we need if users enter the
wrong password more than 5 times than their account gets locked and then
only DBA will unlock this account.
I understood the question and there is an answer- use PAM.
The other option is to not use password-based authentication with PG and
instead use a better method such as certificate-based auth or GSSAPI.
or just don't let 'users' connect directly to the database at all.
users run an app (or browser), which talks to an app server, which has
the business logic and does the database connection and executes the
business logic specific queries.
--
john r pierce, recycling bits in santa cruz
