| From: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> |
|---|---|
| To: | "Subramanian,Ramachandran" <ramachandran(dot)subramanian(at)alte-leipziger(dot)de>, "pgsql-novice(at)lists(dot)postgresql(dot)org" <pgsql-novice(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Can we lock or expire a ROLE / USER |
| Date: | 2025-09-19 15:55:16 |
| Message-ID: | 9886a78311a66418e5ebd5c2a42bf14987d7147a.camel@cybertec.at |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
On Fri, 2025-09-19 at 08:32 +0000, Subramanian,Ramachandran wrote:
> Absolute novice in Postgresql, coming from the Mainframe world. Kindly forgive my ignorance.
>
> Is it possible to LOCK or DEACTIVATE or EXPIRE a USER ( ROLE with LOGIN ) after
>
> 1. A set period of inactivity
> 2. 5 Wrong password attempts
>
> I searched through the manals and did not find any mention of such a facility.
PostgreSQL doesn't offer support for these functionalities.
It also does not allow you to enforce password complexity rules.
> If it is not possible at the database level, can this be implemented in any other way?
The way to do that is to authenticat database users using a central identity
management system like Kerberos. See the documentation for a list of supported
authentication methods:
https://www.postgresql.org/docs/current/client-authentication.html
Yours,
Laurenz Albe
| From | Date | Subject | |
|---|---|---|---|
| Next Message | TIM CHILD | 2025-09-19 16:34:13 | Re: Can we lock or expire a ROLE / USER |
| Previous Message | David G. Johnston | 2025-09-19 13:57:28 | Re: Can we lock or expire a ROLE / USER |