PGCon2010 - Final Release II

PGCon 2010
The PostgreSQL Conference

Aurynn Shaw
Day: Talks - 1 - 2010-05-20
Room: DMS 1150
Start time: 10:00
Duration: 01:00
ID: 259
Event type: Lecture
Track: Applications
Language used for presentation: English

Application-level Authorization via SET ROLE

Working around connection pooling for permissions

This talk discusses why integrating application authorization with your database is a good idea, the downsides of such integration, and implementation gotchas, and finally covers an example implementation.

In this talk, we'll cover handling application-level authorization structures using Postgres' built-in authorization and gross access control, and how to build a tiered, structured authorization tree in Postgres, including both the tables and the stored procedures that manipulate those tables.

We will also discuss the pitfalls and limitations of using Postgres as an authorization provider, as well as the advantages of doing so.

Finally, we will look at Vertically Challenged, an implementation of these ideas using the Python WSGI stack, and how VC uses Postgres to achieve its authorization requirements.