652 CHAPTER 29 SECURING POSTGRESQL developers have (Make web site)
652 CHAPTER 29 SECURING POSTGRESQL developers have relieved you of these tasks, integrating fully featured authentication and authorization capabilities into the server. How the Privilege System Works The PostgreSQL privilege system revolves around two general concepts: Authentication: Determines whether a user is even allowed to connect to the server Authorization: Determines whether the user posses adequate privileges to execute query requests Because authorization cannot take place without successful authentication, you can think of this process as taking place in two stages. The Two Stages of Access Control The general privilege control process takes place in two steps: connection authentication and request verification. Together, these steps are carried out in the following phases: 1. The postmaster compares the connection request information against the entries in the pg_hba.conf file to determine whether the connection should be accepted or rejected. This is done by matching different variables, including the user, connecting host, and database involved. 2. The postmaster verifies any password information against the appropriate location based on the authentication type specified in pg_hba.conf. For authentication types like password, this means verifying the user and password against the pg_shadow table. 3. If the request makes it to Step 3, the postmaster parses and analyzes the query itself to determine which objects within the database the user is attempting to interact with, and in what way. The postmaster then looks up the permissions for these objects in the various pg_ system tables, such as pg_classor pg_proc. If all permissions have been granted appropriately, the query is then executed. Where Is Access Information Stored? PostgreSQL access authorization information is stored in two places: the pg_shadow system table and the pg_hba.conf system file. The pg_shadow table holds the information for specific database user accounts, along with password information and some system-level privilege information. The pg_hba.conf file controls which users can connect to which databases from which machines. Once authenticated, PostgreSQL keeps user authorization information stored primarily in the relacl column of the pg_class table. In this section, we will delve into the details pertinent to the purpose and structure of each of these parts. The pg_shadow Table The pg_shadow table contains detailed information about PostgreSQL users. It controls various system-level privileges and password information for database users. Looking at the pg_shadow table through the psql program, you see the following:
From our experience, we are can tell you that you can find a reliable and cheap webhost service at Java Web Hosting services.