| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Allow +group in pg_ident.conf |
| Date: | 2023-01-09 13:00:26 |
| Message-ID: | 8c8855d0-61eb-8692-44c4-ff12194d6e7c@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Over at [1] I speculated that it might be a good idea to allow
+grouprole type user names in pg_ident.conf. The use case I have in mind
is where the user authenticates to pgbouncer and then pgbouncer connects
as the user using a client certificate. Without this mechanism that
means that you need a mapping rule for each user in pg_ident.conf, which
doesn't scale very well, but with this mechanism all you have to do is
grant the specified role to users. So here's a small patch for that.
Comments welcome.
cheers
andrew
[1] https://postgr.es/m/6912eb9c-4905-badb-ad87-eeca8ace13e7@dunslane.net
--
Andrew Dunstan
EDB: https://www.enterprisedb.com
| Attachment | Content-Type | Size |
|---|---|---|
| ident-plus-role.patch | text/x-patch | 4.5 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Richard Guo | 2023-01-09 13:28:16 | Re: Allow DISTINCT to use Incremental Sort |
| Previous Message | Jelte Fennema | 2023-01-09 13:00:01 | Re: [EXTERNAL] Re: Support load balancing in libpq |