In our database we have a login table featuring coloumns username and password. How can this username be retrieved inside a trigger function so that it can also be audited. user keyword inside the trigger function retrieves the postgresql username, what I need is the application username. Any suggestions?
Asked
Active
Viewed 1,789 times
3
Shalin
- 1,431
- 5
- 12
- 18
1 Answers
3
You can set a custom GUC up in postgresql.conf. Use it to store the application username at login using SET myapp_username. Access that in triggers with current_setting(myapp_username)
Alternately, create a TEMPORARY table at user login and INSERT the user's application username into it at login. SELECT it in triggers where required.
Both of these require that the user cannot run custom SQL directly, of course, but that's generally a requirement of application-level authentication like you're using anyway.
More detail in Passing user id to PostgreSQL triggers
Community
- 1
- 1
Craig Ringer
- 307,061
- 76
- 688
- 778
-
1@shalin I wrote a more detailed reply to this in another question, in case you're interested. It contains demo code, docs links, and more explanation. See http://stackoverflow.com/q/13172524/398670 – Craig Ringer Nov 01 '12 at 08:36