I just learned to read, sorry.You mean not to do the second thing, which i do want to do (where each frontend user equals a database user).Thank you for your advise.I´m not sure if i can get around it, but i´ll use extra caution anayway.
WBLOn 10/27/06, Willy-Bas Loos <[EMAIL PROTECTED]> wrote:
> M
> My suggestion is "don't do that".> I tried to do it once, years ago, and regretted it deeply.Do you mean "don´t try to fake postgres´ authorisation" (which i don´t want to),or "don´t set up your webservice so that users will recieve data according to their own rights in the database, where each f
On Thu, Oct 26, 2006 at 12:27:49AM +0200, Willy-Bas Loos wrote:
> or will not receive those, because of the rights granted to him. These
> granted rights and roles will be determined by the regular postgres
> functionality (and some views).
Ah, that's a different matter. My suggestion is "don't d
I think that´s not exactly what i´m looking for.Just to make sure that i understand what you´re proposing (please correct me if i´m wrong):I´ll write a function that will create a hash of username, password and, say 'now'::timestamp and store it in a cookie and in a separate table somewhere on the
On Wed, Oct 25, 2006 at 03:49:54PM +0200, Willy-Bas Loos wrote:
> So as a temporary compromise, we decided to store the username and password
> in a cookie on the client PC, which is of course a serious weakness.
>
> Can anyone give me some advise on how to do this a better way, without
> consumin
