Обсуждение: Position of ClientAuthentication hook

Hello hackers,

I have a doubt regarding the positioning of clientAuthentication hook
in function ClientAuthentication. Particularly, in case of hba errors,
i.e. cases uaReject or uaImplicitReject it errors out, leading to no
calls to any functions attached to the authentication hook. Can't we
process the hook function first and then error out...?

-- 
Regards,
Rafia Sabih

On Mon, Jun 14, 2021 at 8:51 AM Rafia Sabih <rafia.pghackers@gmail.com> wrote:
> I have a doubt regarding the positioning of clientAuthentication hook
> in function ClientAuthentication. Particularly, in case of hba errors,
> i.e. cases uaReject or uaImplicitReject it errors out, leading to no
> calls to any functions attached to the authentication hook. Can't we
> process the hook function first and then error out...?

Maybe. One potential problem is that if the hook errors out, the
original error would be lost and only the error thrown by the hook
would be logged or visible to the client. Whether or not that's a
problem depends, I suppose, on what you're trying to do with the hook.

-- 
Robert Haas
EDB: http://www.enterprisedb.com

On Mon, 14 Jun 2021 at 21:04, Robert Haas <robertmhaas@gmail.com> wrote:
>
> On Mon, Jun 14, 2021 at 8:51 AM Rafia Sabih <rafia.pghackers@gmail.com> wrote:
> > I have a doubt regarding the positioning of clientAuthentication hook
> > in function ClientAuthentication. Particularly, in case of hba errors,
> > i.e. cases uaReject or uaImplicitReject it errors out, leading to no
> > calls to any functions attached to the authentication hook. Can't we
> > process the hook function first and then error out...?
>
> Maybe. One potential problem is that if the hook errors out, the
> original error would be lost and only the error thrown by the hook
> would be logged or visible to the client. Whether or not that's a
> problem depends, I suppose, on what you're trying to do with the hook.

Thanks Robert for this quick clarification.


-- 
Regards,
Rafia Sabih