[sqlalchemy] Re: remote nondirect access to DB
Client application doesn't mean web application and SqlAlchemy would be a too big hammer for SQL console (in my opinion). Well it will be an information system written with wxPython running on multiple computers. I don't want users to see information for direct access to the database. I was trying to expose DBAPI (connections, cursors) via Pyro but it is falling. Sometimes with segfault. David Michael Bayer píše v Čt 07. 12. 2006 v 15:36 -0800: um, web interface ? SQL console ? it would help to know what kind of client youre talking about. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups sqlalchemy group. To post to this group, send email to sqlalchemy@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sqlalchemy?hl=en -~--~~~~--~~--~--~---
[sqlalchemy] Re: remote nondirect access to DB
Jonathan Ellis píše v Pá 08. 12. 2006 v 11:05 -0700: On 12/7/06, ml [EMAIL PROTECTED] wrote: I want to have a client application accessing a remote Postgres database but I don't want to distribute the user/password to the DB. I want clients to authenticate against some other table of passwords so there must be a stub between client and DB which will know the DB user/pwd. How can I manage this in SA? You can write your stub in SA easily; your client should interface with the stub not via SQL but via a simple protocol you define that limits it to predetermined actions. How? What protocol? Any clues or examples are welcome. DS --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups sqlalchemy group. To post to this group, send email to sqlalchemy@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sqlalchemy?hl=en -~--~~~~--~~--~--~---
[sqlalchemy] Re: remote nondirect access to DB
On 12/8/06, ml [EMAIL PROTECTED] wrote: Jonathan Ellis píše v Pá 08. 12. 2006 v 11:05 -0700: On 12/7/06, ml [EMAIL PROTECTED] wrote: I want to have a client application accessing a remote Postgres database but I don't want to distribute the user/password to the DB. I want clients to authenticate against some other table of passwords so there must be a stub between client and DB which will know the DB user/pwd. How can I manage this in SA? You can write your stub in SA easily; your client should interface with the stub not via SQL but via a simple protocol you define that limits it to predetermined actions. How? What protocol? Any clues or examples are welcome. You get to make one up! It's your app! The point is, if you trust the client to send valid SQL you are screwed whether or not the client logs into the database directly or not. So instead of insert into users (name) values (...) your client would sent NEWUSER ... or something. If this sounds intimidating, I would suggest picking up a book covering client/server programming. I believe Programming Python and Core Python both include chapters on socket programming. -- Jonathan Ellis http://spyced.blogspot.com --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups sqlalchemy group. To post to this group, send email to sqlalchemy@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sqlalchemy?hl=en -~--~~~~--~~--~--~---
[sqlalchemy] Re: remote nondirect access to DB
Jonathan Ellis píše v Pá 08. 12. 2006 v 15:40 -0700: On 12/8/06, ml [EMAIL PROTECTED] wrote: Jonathan Ellis píše v Pá 08. 12. 2006 v 11:05 -0700: On 12/7/06, ml [EMAIL PROTECTED] wrote: I want to have a client application accessing a remote Postgres database but I don't want to distribute the user/password to the DB. I want clients to authenticate against some other table of passwords so there must be a stub between client and DB which will know the DB user/pwd. How can I manage this in SA? You can write your stub in SA easily; your client should interface with the stub not via SQL but via a simple protocol you define that limits it to predetermined actions. How? What protocol? Any clues or examples are welcome. You get to make one up! It's your app! The point is, if you trust the client to send valid SQL you are screwed whether or not the client logs into the database directly or not. So instead of insert into users (name) values (...) your client would sent NEWUSER ... or something. If this sounds intimidating, I would suggest picking up a book covering client/server programming. I believe Programming Python and Core Python both include chapters on socket programming. Now I see where are you heading. So the idea is to put all SA into the stub and each action will be exposed via a single method. It is not what I wanted but it seems I have no other choice. Thanks. DS --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups sqlalchemy group. To post to this group, send email to sqlalchemy@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sqlalchemy?hl=en -~--~~~~--~~--~--~---
[sqlalchemy] Re: remote nondirect access to DB
um, web interface ? SQL console ? it would help to know what kind of client youre talking about. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups sqlalchemy group. To post to this group, send email to sqlalchemy@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sqlalchemy?hl=en -~--~~~~--~~--~--~---