This content has been marked as final. Show 1 reply
If your application knows for sure that the user has been correctly authenticated by an external mechanism, then you should use the "proxy login" feature to run queries on behalf of that user.
Proxy login relies on a shared secret between your application and the SES server. This is implemented via Federation Trusted Entities in the Global Settings. The proxy login name is the entity name, and the password is either entered directly in the Trusted Entities page, or looked up via the identity plugin, if that option is chosen on the Trusted Entities page.