Re: [PATCH] Expose port->authn_id to extensions and triggers

On 8/6/22 02:26, Michael Paquier wrote:
> On Fri, Aug 05, 2022 at 12:48:33PM +0200, Drouvot, Bertrand wrote:
>> On 8/2/22 11:57 PM, Jacob Champion wrote:
>>> Thoughts from prior reviewers? Is SYSTEM_USER the way to go?
> 
> Reading through the other thread, there is a clear parallel between
> both in concept to provide this information at SQL level, indeed.
> 
>> I did not look in detail to this thread, but if the goal is "only" to expose
>> authn_id (as the subject describes) then it seems to me that SYSTEM_USER [1]
>> is the way to go.
>> 
>> [1]: https://commitfest.postgresql.org/39/3703/
> 
> However, I am not sure if the suggestion of auth_method:authn as
> output generated by SYSTEM_USER would be correct according to the SQL
> specification, either.  The spec being not really talkative about the
> details of what an external module should be opens up for a lot of
> interpretation, something that both thread are dealing with.

As I pointed out here [ 
https://www.postgresql.org/message-id/28b4a9ef-5103-f117-99e1-99ae5a86a6e8%40joeconway.com 
] both the SQL Server and Oracle interpretations are similar to the one 
provided by Bertrand's patch:

SQL Server:
   "If the current user is logged in to SQL Server by
    using Windows Authentication, SYSTEM_USER returns the
    Windows login identification name in the form:
    DOMAIN\user_login_name. However, if the current user
    is logged in to SQL Server by using SQL Server
    Authentication, SYSTEM_USER returns the SQL Server
    login identification name"

Oracle:
   "SYSTEM_USER
    Returns the name of the current data store user as
    identified by the operating system."

I am not sure how else we should interpret SYSTEM_USER -- if it isn't 
port->authn_id what else would you propose it should be?

-- 
Joe Conway
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com