Magnus Hagander wrote:
[about the ability to use different maps for ident auth, gss and krb
auth for example]
>>>> It wouldn't be very easy/clean to do that w/o breaking the existing
>>>> structure of pg_ident though, which makes me feel like using seperate
>>>> files is probably the way to go.
Actually, I may have to take that back. We already have support for
multiple maps in the ident file, I'm not really sure anymore of the case
where this wouldn't be enough :-)
That said, I still think we want to parse pg_hba in the postmaster,
because it allows us to not load known broken files, and show errors
when you actually change the file etc. ;-)
I did code up a POC patch for it, and it's not particularly hard to do.
Mostly it's just moving the codepath from the backend to the postmaster.
I'll clean it up a but and post it, just so ppl can see what it looks
like...
//Magnus
