Keith G. Murphy said: > Perhaps I can answer my own question. I could use ident and a map that > lists the web server username as able to map to the different "role" > usernames.
Someone else also mentioned and I personally agree that it's better to authenticate in the application layer (using whatever technology takes your fancy), and then use the webserver's generic/pooled connection to communicate with the database. Your user and role mapping info could be stored within the database, or accessed from an LDAP server, or some such. > Unfortunately, that still would allow the web server account > to "fake" role names. Make the application layer robust and secure and it may not be so much of a problem. John ---------------------------(end of broadcast)--------------------------- TIP 7: don't forget to increase your free space map settings
