On 2/24/22 04:16, Aleksander Alekseev wrote:
> Hi Samay,
>
>> I wanted to submit a patch to expose 2 new hooks (one for the authentication check and another one for error
reporting)in auth.c. These will allow users to implement their own authentication methods for Postgres or add custom
logicaround authentication.
> I like the idea - PostgreSQL is all about extendability. Also, well
> done with TAP tests and an example extension. This being said, I
> didn't look at the code yet, but cfbot seems to be happy with it:
> http://cfbot.cputube.org/
>
>> One constraint in the current implementation is that we allow only one authentication provider to be loaded at a
time.In the future, we can add more functionality to maintain an array of hooks and call the appropriate one based on
theprovider name in the pg_hba line.
> This sounds like a pretty severe and unnecessary limitation to me. Do
> you think it would be difficult to bypass it in the first
> implementation?
Yeah, I think we would want a set of providers that could be looked up
at runtime.
I think this is likely to me material for release 16, so there's plenty
of time to get it right.
cheers
andrew
--
Andrew Dunstan
EDB: https://www.enterprisedb.com
