Re: RFC: Non-user-resettable SET SESSION AUTHORISATION

On Fri, May 22, 2015 at 2:11 PM, Jim Nasby <Jim.Nasby@bluetreble.com> wrote:
>> Uh, I don't have a clue what you mean when you say "the middle ground
>> of not doing de-auth right now".
>
> Don't allow a backend to move back into a de-authenticated state.
>
> Basically, allow a special connection mode that does nothing but provide
> user authentication back to the pooler. This would allow the pooler to defer
> all auth decisions to Postgres. Once the user was authenticated, the pooler
> could then figure out what pool connection to give to the user.

Such a mode might be useful, but again, it's a lot more complicated
than the proposed protocol-level approach to change session
authorization, and it's really solving a different problem.  I still
think we should do the simple thing first.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company