Killing inactive connections
I run a clinical data warehouse using PostgreSQL
7.1.2_2 on FreeBSD 4.3-stable. Data security and
privacy standards have been enacted at the federal
level via the Health Insurance Portability and
Accountability Act (HIPAA).
One of the rules requires timed logouts. If someone
walks away from their desk for a certain amount of
time, the connection should time-out; and the employee
must log back into the application.
Data analysts access my databases using MS Access. Is
there a way in PostgreSQL to track inactivity and
close inactive connections after a specified length of
time?
Thanks,
Andrew Gould
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
Andrew Gould <andrewgould@yahoo.com> writes:
Is there a way in PostgreSQL to track inactivity and
close inactive connections after a specified length of
time?
Not at present. This seems to me to be something that has to be
implemented on the client side, anyway. We could conceivably implement
an idle-timeout in the backend, but what it would be measuring is time
between SQL requests, which proves little about whether there is someone
awake at the other end. Two counterexamples:
1. User starts a long-running SQL script and walks away. Backend will
not time out, but you're not meeting the regulation.
2. User is intensely interacting with his app, but is doing something
that does not trigger SQL requests. Backend times out and drops
connection. At the very least this annoys the user; quite possibly
it causes him to lose work, depending on how robust his app is about
reconnecting.
So I don't think that this is an issue for Postgres to solve. If Access
can't do it, maybe you need a different frontend app that can.
regards, tom lane
Hhmmmm. I see what you mean. Perhaps an office
policy regarding password protected screen savers or
screen locks would meet the regulation's intent. (It
would also be simple and cheap.)
Thanks, Tom.
Andrew Gould
--- Tom Lane <tgl@sss.pgh.pa.us> wrote:Andrew Gould <andrewgould@yahoo.com> writes:
Is there a way in PostgreSQL to track inactivity
and
close inactive connections after a specified
length of
time?
Not at present. This seems to me to be something
that has to be
implemented on the client side, anyway. We could
conceivably implement
an idle-timeout in the backend, but what it would be
measuring is time
between SQL requests, which proves little about
whether there is someone
awake at the other end. Two counterexamples:1. User starts a long-running SQL script and walks
away. Backend will
not time out, but you're not meeting the regulation.2. User is intensely interacting with his app, but
is doing something
that does not trigger SQL requests. Backend times
out and drops
connection. At the very least this annoys the user;
quite possibly
it causes him to lose work, depending on how robust
his app is about
reconnecting.So I don't think that this is an issue for Postgres
to solve. If Access
can't do it, maybe you need a different frontend app
that can.regards, tom lane
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
Andrew Gould <andrewgould@yahoo.com> writes:
Hhmmmm. I see what you mean. Perhaps an office
policy regarding password protected screen savers or
screen locks would meet the regulation's intent.
That seems like a good solution: easy, does the right thing,
shouldn't break anything.
regards, tom lane
Hi,
From what I gather, your "feature" should be placed in the client and
not on the server... Therefore, if you had an MS Access or some other
application, accessing your backend server, and your APPLICATION is
being idle for N time units, then you can set your APPLICATION to log
the user out. At least, that's how I would approach it..;-)
Hope that helps...;-)
Cheers,
John Clark
Andrew Gould wrote:
I run a clinical data warehouse using PostgreSQL
7.1.2_2 on FreeBSD 4.3-stable. Data security and
privacy standards have been enacted at the federal
level via the Health Insurance Portability and
Accountability Act (HIPAA).One of the rules requires timed logouts. If someone
walks away from their desk for a certain amount of
time, the connection should time-out; and the employee
must log back into the application.Data analysts access my databases using MS Access. Is
there a way in PostgreSQL to track inactivity and
close inactive connections after a specified length of
time?
--
/) John Clark Naldoza y Lopez (\
/ ) Software Design Engineer III ( \
_( (_ _ Web-Application Development _) )_
(((\ \> /_> Cable Modem Network Management System <_\ </ /)))
(\\\\ \_/ / NEC Telecom Software Phils., Inc. \ \_/ ////)
\ / \ /
\ _/ phone: (+63 32) 233-9142 loc. 3113 \_ /
/ / cellphone: (+63 919) 399-4742 \ \
/ / email: njclark@ntsp.nec.co.jp \ \
"Intelligence is the ability to avoid doing work, yet getting the work
done"
--Linus Torvalds
On Thu, Aug 16, 2001 at 03:28:47PM -0700,
Andrew Gould <andrewgould@yahoo.com> wrote:
Hhmmmm. I see what you mean. Perhaps an office
policy regarding password protected screen savers or
screen locks would meet the regulation's intent. (It
would also be simple and cheap.)
This is a much better solution. Timeouts suck and don't work well.
They take too long to happen when people leave their desk area and
get in the way of people trying to work. (This often gets to the
point where people run things that prevent timeouts.)
Putting an icon on the desktop for a password protected screen saver
makes it relatively painless to moderately secure a computer when
you step away from your desk.