Re: Proposal: Support custom authentication methods using hooks
| От | Andrew Dunstan |
|---|---|
| Тема | Re: Proposal: Support custom authentication methods using hooks |
| Дата | |
| Msg-id | 4dd67245-c4b2-4cea-7d7c-b829feb30e1c@dunslane.net обсуждение исходный текст |
| Ответ на | Re: Proposal: Support custom authentication methods using hooks (Aleksander Alekseev <aleksander@timescale.com>) |
| Список | pgsql-hackers |
On 2/24/22 04:16, Aleksander Alekseev wrote: > Hi Samay, > >> I wanted to submit a patch to expose 2 new hooks (one for the authentication check and another one for error reporting)in auth.c. These will allow users to implement their own authentication methods for Postgres or add custom logicaround authentication. > I like the idea - PostgreSQL is all about extendability. Also, well > done with TAP tests and an example extension. This being said, I > didn't look at the code yet, but cfbot seems to be happy with it: > http://cfbot.cputube.org/ > >> One constraint in the current implementation is that we allow only one authentication provider to be loaded at a time.In the future, we can add more functionality to maintain an array of hooks and call the appropriate one based on theprovider name in the pg_hba line. > This sounds like a pretty severe and unnecessary limitation to me. Do > you think it would be difficult to bypass it in the first > implementation? Yeah, I think we would want a set of providers that could be looked up at runtime. I think this is likely to me material for release 16, so there's plenty of time to get it right. cheers andrew -- Andrew Dunstan EDB: https://www.enterprisedb.com
В списке pgsql-hackers по дате отправления: