Hannu Krosing <hannu@tm.ee> writes:
> 2. modify pg_user to show it usename usedomain as two separate fields
> for eas of use (join pg_user and pg_shadow on usesysid if you need to
> see passwords)
This is already more mechanism than I wanted to buy into, and less
forethought than I think we need. For example, is it a good idea if
pg_user shows usernames that cannot be identified with those shown by
ACL lists? If not, how will you modify ACL I/O formats? What about
the has_table_privilege functions?
What I'm envisioning is an extremely limited facility that just maps
connection parameters into an internal username that is of the form
username@dbname or dbname.username. Trying to hide that internal
username for inside-the-database activities does not strike me as a
good plan.
This may prove to be just a stopgap measure that we'll replace down the
road (as indeed the secondary-passwords thing was just a stopgap, IMO).
Let's not add features that will create extra compatibility problems
if we abandon the whole approach later.
regards, tom lane
