Open gastaldi opened 3 years ago
Implementation idea: Create an @ApplicationScoped bean implementing io.agroal.api.AgroalPoolInterceptor. This will listen for connections coming out and in from the pool. Then perform a SET SESSION AUTHORIZATION 'user' on the interceptor.
Link: https://www.postgresql.org/docs/current/sql-set-session-authorization.html
Query operations should be performed by a user that has little privilege on the database.
Admin operations should happen only on authenticated and authorized requests.
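
One way the interceptor proposed above could look, as an added example that is not code from this issue or from Quarkus. It assumes Quarkus's `SecurityIdentity` can be injected; the class name, the database roles `app_readonly` and `app_admin`, and the application role `admin` are hypothetical.

```java
import io.agroal.api.AgroalPoolInterceptor;
import io.quarkus.security.identity.SecurityIdentity;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.enterprise.context.ContextNotActiveException;
import jakarta.inject.Inject;
import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Statement;

@ApplicationScoped
public class SessionAuthorizationInterceptor implements AgroalPoolInterceptor {
    // Hypothetical PostgreSQL roles, created ahead of time; never derived from request data.
    private static final String QUERY_ROLE = "app_readonly";
    private static final String ADMIN_ROLE = "app_admin";

    @Inject
    SecurityIdentity identity;

    @Override
    public void onConnectionAcquire(Connection connection) {
        // SET SESSION AUTHORIZATION takes no bind parameters, so only the
        // two constants above are ever concatenated into the statement.
        execute(connection, "SET SESSION AUTHORIZATION '" + resolveRole() + "'");
    }

    @Override
    public void onConnectionReturn(Connection connection) {
        // Drop the per-request role before the connection goes back to the pool.
        execute(connection, "RESET SESSION AUTHORIZATION");
    }

    private String resolveRole() {
        try {
            // "admin" is an assumed application role name.
            boolean admin = !identity.isAnonymous() && identity.hasRole("admin");
            return admin ? ADMIN_ROLE : QUERY_ROLE;
        } catch (ContextNotActiveException e) {
            return QUERY_ROLE; // no request in flight: fall back to least privilege
        }
    }

    private static void execute(Connection connection, String sql) {
        try (Statement statement = connection.createStatement()) {
            statement.execute(sql);
        } catch (SQLException e) {
            // Fail closed: surface the error instead of continuing under the pool's login role.
            throw new IllegalStateException("Could not switch session authorization", e);
        }
    }
}
```

PostgreSQL accepts `SET SESSION AUTHORIZATION` for a different role only when the pool's login role is a superuser, and any statement in the session can run `RESET SESSION AUTHORIZATION`. The switch therefore narrows what ordinary queries can do but does not contain injected SQL.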