| From: | Daniel Farina <drfarina(at)acm(dot)org> |
|---|---|
| To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: One Role, Two Passwords |
| Date: | 2011-01-20 23:10:19 |
| Message-ID: | AANLkTimFiT4Rwz3pcC5uJtAiU-0Q-YoRCAEZy3fXW6bR@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jan 20, 2011 at 2:45 PM, Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
> Have you thought of trying to use an external auth source like LDAP for such
> a scheme?
I have thought about that, although LDAP is the only one that came to
mind (I don't know a whole lot of systems in detail, only by name...so
suggestions welcome for low-administrative-overhead variants). I also
briefly considered investigating what hooks I could exploit for auth &
auth; I do not know these very well right now. It would be ideal to
not have to run another full bore set of services to support phased
password rotation, though -- in this case it would still appear be
better, but frustrating to use the CREATE ROLE ... IN ROLE dance.
--
fdr
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Simon Riggs | 2011-01-20 23:11:30 | Re: SSI and Hot Standby |
| Previous Message | Robert Haas | 2011-01-20 23:07:59 | Re: ALTER TABLE ... REPLACE WITH |