| An interesting alternate approach. For many web apps there are many application users but few DB users. Given that there seem to be two main approaches: 1) change it so that each application user maps to a DB user; 2) set a variable in the session before doing any tenant specific-work with the DB connection. This post touches on the latter and goes into some depth for the case where you want to extend raw DB access to the end-user (a rare use case that, for me, is something I pretty much never do): https://blog.2ndquadrant.com/application-users-vs-row-level-security/ So, in that approach one would change the (web) servlet filter to set a session variable ("my.account", for example) at the start of the request, and then clear or reset that value at the end of the request - making sure it's cleared regardless of code path (e.g., in the finally block of a try block that catches all exceptions). Personally, although this pushes the enforcement down the stack, I only see that as a net functional gain if one allows end-users direct access to the DB. Still, I look forward to my next system where I plan to try this out. |
