On Sun, Jan 28, 2007 at 23:46:27 +0200, Andrus <[EMAIL PROTECTED]> wrote: > My application implements field and row level security. > I have custom table of users where user privileges are described. > > However user can login directly to database using pgAdmin. This bypasses > the security. > > How to allow users to login only from my application ? > I think I must create server-side pgsql procedure for login validation.
Run the application on a machine you control. Then the application can authenticate without the users being able to steal or piggyback on its credentials. ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend
