Jonathan Ellis píše v Pá 08. 12. 2006 v 15:40 -0700: > On 12/8/06, ml <[EMAIL PROTECTED]> wrote: > > > > Jonathan Ellis píše v Pá 08. 12. 2006 v 11:05 -0700: > > > On 12/7/06, ml <[EMAIL PROTECTED]> wrote: > > > > I want to have a client application accessing a remote Postgres database > > > > but I don't want to distribute the user/password to the DB. I want > > > > clients to authenticate against some other table of passwords so there > > > > must be a stub between client and DB which will know the DB user/pwd. > > > > How can I manage this in SA? > > > > > > You can write your "stub" in SA easily; your client should interface > > > with the stub not via SQL but via a simple protocol you define that > > > limits it to predetermined actions. > > > > > > > How? What protocol? Any clues or examples are welcome. > > You get to make one up! It's your app! > > The point is, if you trust the client to send valid SQL you are > screwed whether or not the client logs into the database directly or > not. So instead of "insert into users (name) values (...)" your > client would sent "NEWUSER ..." or something. > > If this sounds intimidating, I would suggest picking up a book > covering client/server programming. I believe Programming Python and > Core Python both include chapters on socket programming. >
Now I see where are you heading. So the idea is to put all SA into the stub and each action will be exposed via a single method. It is not what I wanted but it seems I have no other choice. Thanks. DS --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "sqlalchemy" group. To post to this group, send email to sqlalchemy@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sqlalchemy?hl=en -~----------~----~----~----~------~----~------~--~---
