| From: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
|---|---|
| To: | Ajit Awekar <ajitpostgres(at)gmail(dot)com> |
| Cc: | Zsolt Parragi <zsolt(dot)parragi(at)percona(dot)com>, Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>, Hannu Krosing <hannuk(at)google(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Dave Cramer <davecramer(at)gmail(dot)com>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
| Subject: | Re: Periodic authorization expiration checks using GoAway message |
| Date: | 2025-12-16 20:22:11 |
| Message-ID: | CAOYmi+mb+fo++GvHNtcT2aspRL0jh1cSM7buEca=s9RYtFRfNA@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Dec 16, 2025 at 1:15 AM Ajit Awekar <ajitpostgres(at)gmail(dot)com> wrote:
> >What I meant that we can already implement a background process that
> >watches active (oauth) connections, and either:
>
> >Revalidates tokens periodically using introspection APIs
>
> +1 as this will offload validation logic to a dedicated background process.
Is the hope that batching validation will make things more efficient,
or is there another goal to using a background process? You still have
to communicate back to each backend.
--Jacob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2025-12-16 20:53:39 | Re: meson and check-tests |
| Previous Message | Jacob Champion | 2025-12-16 20:19:51 | Re: Periodic authorization expiration checks using GoAway message |