I think it's something like SELECT 'md5' + md5(password + username);
Regards,
Ben
Thorsten Kraus [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]
This would be a possible way. Now the question is which algorithm
implementation of md5 PostgreSQL uses...
Bye,
Thorsten
Ben
No idea??
Thorsten Kraus schrieb:
Hi,
I designed a Java web application. The persistence layer is a
PostgreSQL database. The application needs user authentication.
I think it's a good choice to implement this authentication mechanism
via PostgreSQL login roles. So I can create several
Thorsten Kraus wrote:
No idea??
You'd need an authenticated user to call that stored procedure in the
first place. It is kind of a chicken-and-egg problem.
Usually people create a user for the webapp. This user makes the first
connection to the database.
After that you probably could define a
Thorsten Kraus wrote:
Hi,
I designed a Java web application. The persistence layer is a PostgreSQL
database. The application needs user authentication.
I think it's a good choice to implement this authentication mechanism
via PostgreSQL login roles. So I can create several database login
Hi,
thanks for your answer. I cant use the username/password in my DSN
because I don't connect directly via JDBC to the database. I use
hibernate for all database actions. The username and password has to be
stored in the hibernate configuration file...
Bye,
Thorsten
Lutz Broedel schrieb:
In response to Thorsten Kraus [EMAIL PROTECTED]:
Hi,
thanks for your answer. I cant use the username/password in my DSN
because I don't connect directly via JDBC to the database. I use
hibernate for all database actions. The username and password has to be
stored in the hibernate
You could originally connect to the database as some kind of power user.
Check the password against the pg_shadow view (you would need to md5 your
password somehow) and then do a SET SESSION AUTHORIZATION (or SET ROLE) to
change your permissions. Not sure how secure this would be but it's the
This would be a possible way. Now the question is which algorithm
implementation of md5 PostgreSQL uses...
Bye,
Thorsten
Ben Trewern schrieb:
You could originally connect to the database as some kind of power user.
Check the password against the pg_shadow view (you would need to md5 your
I designed a Java web application. The persistence layer is a
PostgreSQL database. The application needs user authentication.
I think it's a good choice to implement this authentication mechanism
via PostgreSQL login roles. So I can create several database login
roles and set the database
Hi,
I designed a Java web application. The persistence layer is a PostgreSQL
database. The application needs user authentication.
I think it's a good choice to implement this authentication mechanism
via PostgreSQL login roles. So I can create several database login roles
and set the database
10 matches
Mail list logo
