| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Jim Nasby <Jim(dot)Nasby(at)bluetreble(dot)com> |
| Cc: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Marko Tiikkaja <marko(at)joh(dot)to>, Simon Riggs <simon(at)2ndquadrant(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, José Luis Tallón <jltallon(at)adv-solutions(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Craig Ringer <craig(at)2ndquadrant(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net> |
| Subject: | Re: RFC: Non-user-resettable SET SESSION AUTHORISATION |
| Date: | 2015-05-27 01:57:20 |
| Message-ID: | CA+TgmoYJnPb4vvi_TrfxkEfJDXGaKoTODxb1_OyOFVPKk-TstQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, May 22, 2015 at 2:11 PM, Jim Nasby <Jim(dot)Nasby(at)bluetreble(dot)com> wrote:
>> Uh, I don't have a clue what you mean when you say "the middle ground
>> of not doing de-auth right now".
>
> Don't allow a backend to move back into a de-authenticated state.
>
> Basically, allow a special connection mode that does nothing but provide
> user authentication back to the pooler. This would allow the pooler to defer
> all auth decisions to Postgres. Once the user was authenticated, the pooler
> could then figure out what pool connection to give to the user.
Such a mode might be useful, but again, it's a lot more complicated
than the proposed protocol-level approach to change session
authorization, and it's really solving a different problem. I still
think we should do the simple thing first.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tatsuo Ishii | 2015-05-27 01:58:16 | Re: psql po translation update |
| Previous Message | Robert Haas | 2015-05-27 01:51:54 | Re: psql po translation update |