Re: Proposal: Support custom authentication methods using hooks
| От | Bruce Momjian |
|---|---|
| Тема | Re: Proposal: Support custom authentication methods using hooks |
| Дата | |
| Msg-id | YiEAep+VHYpRNCvo@momjian.us обсуждение исходный текст |
| Ответ на | Re: Proposal: Support custom authentication methods using hooks ("Jonathan S. Katz" <jkatz@postgresql.org>) |
| Список | pgsql-hackers |
On Thu, Mar 3, 2022 at 12:38:32PM -0500, Jonathan Katz wrote: > On 3/3/22 12:23 PM, Bruce Momjian wrote: > > On Thu, Mar 3, 2022 at 10:45:42AM +0100, Peter Eisentraut wrote: > > > On 02.03.22 16:45, Jonathan S. Katz wrote: > > > > By that argument, we should have kept "password" (plain) as an > > > > authentication method. > > > > > > For comparison, the time between adding md5 and removing password was 16 > > > years. It has been 5 years since scram was added. > > > > Uh, when did we remove "password". I still see it mentioned in > > pg_hba.conf. Am I missing something? > > I may have explained this wrong. The protocol still supports "plain" but we > removed the ability to store passwords in plaintext: > > "Remove the ability to store unencrypted passwords on the server > > "The password_encryption server parameter no longer supports off or plain. > The UNENCRYPTED option is no longer supported in CREATE/ALTER USER ... > PASSWORD. Similarly, the --unencrypted option has been removed from > createuser. Unencrypted passwords migrated from older versions will be > stored encrypted in this release. The default setting for > password_encryption is still md5." OK, that does make sense. -- Bruce Momjian <bruce@momjian.us> https://momjian.us EDB https://enterprisedb.com If only the physical world exists, free will is an illusion.
В списке pgsql-hackers по дате отправления: