| From: | Jeff Davis <pgsql(at)j-davis(dot)com> |
|---|---|
| To: | Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | samay sharma <smilingsamay(at)gmail(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Proposal: Support custom authentication methods using hooks |
| Date: | 2022-02-25 17:29:24 |
| Message-ID: | ee357984676ec5e0b2268e3e6866cd43f855e4cf.camel@j-davis.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, 2022-02-24 at 19:47 -0800, Andres Freund wrote:
> Why is it restricted to that? You could do sasl negotiation as well
> from what
> I can see? And that'd theoretically also allow to negotiate whether
> the client
> supports different ways of doing auth? Not saying that that's easy,
> but I
> don't think it's a fundamental restriction.
Good point! It would only work with enhanced clients though -- maybe in
the future we'd make libpq pluggable with new auth methods?
> We have several useful authentication technologies built ontop of
> plaintext
> exchange. Radius, Ldap, Pam afaics could be implemented as an
> extension?
Yes, and it means that we won't have to extend that list in core in the
future when new methods become popular.
Regards,
Jeff Davis
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Davis | 2022-02-25 17:33:45 | Re: Proposal: Support custom authentication methods using hooks |
| Previous Message | Andrew Dunstan | 2022-02-25 17:28:36 | Re: Readd use of TAP subtests |