Обсуждение: preventing access with psql

I have an application who is client/server instaled with hundred of
users where every user of the aplication have one user registred in
the database. The aplication and PostgreSQL is working fine and we use
some roles to grant access in every object that some groups need to
use.
The problem is that once the user have a role granted to him, he can
connect direct to   the database using psql or any other tool. We
really need to prevent this. If we use an aplication server, I could
limit the access using just one IP on pg_hba.conf, but in this case we
could not do these.

In Oracle, we use the clause 'set role identified by some_password'.
How could I handle these problem. Any clue?

Thanks for any help,
Fabio Telles
--
blog: http://www.midstorm.org/~telles/
e-mail / jabber: fabio.telles@gmail.com

Fabio Telles wrote:
> In Oracle, we use the clause 'set role identified by some_password'.
> How could I handle these problem. Any clue?
>

Normally these role passwords in Oracle are used (and stored) on a
middle tier, and not put into the hands of the client.  So where are you
storing this role pass?  Compiling it into the app and hoping no one
runs strings on it (or whatever level of digging is required)?

Paul