Re: Open 7.3 items - Mailing list pgsql-hackers
| From | Tom Lane |
|---|---|
| Subject | Re: Open 7.3 items |
| Date | |
| Msg-id | 8657.1029708495@sss.pgh.pa.us Whole thread Raw |
| In response to | Re: Open 7.3 items (Peter Eisentraut <peter_e@gmx.net>) |
| Responses |
assigning to NULL?
(redmonde@purdue.edu)
|
| List | pgsql-hackers |
Peter Eisentraut <peter_e@gmx.net> writes:
> I'm completely lost between all the proposals about where the @ is going
> to be specified, added, or removed. What happens on the client side and
> what happens on the server side?
Well, the way things stand as of CVS tip is that (assuming you have this
feature turned on in postgresql.conf):
* If a connection request has a username with a trailing '@' (and no
embedded '@'), then the '@' is stripped and connection proceeds.
* Otherwise, '@dbname' is appended to the given username and connection
proceeds.
So a "global" user foo has to say username="foo@" in his connection
request, but he's just "foo" in pg_shadow. A "local" user foo has to
say "foo" in his connection request, and he's "foo@somedb" in pg_shadow.
> All I would like to see is that I can turn on this feature and nothing
> changes as long as I don't add any "local users". Yes, that includes
> hard-wired user names on the client side.
Well, we could have that by inverting the use of '@'; but as I commented
before, it makes more sense to me to make the global users say '@' than
to make the local users do so, because I think in an installation that
wants this feature there will be lots more local than global users.
I really don't put that much weight on the compatibility argument you
make --- not that I don't see your point, but that I don't think it
outweighs convenience of day-to-day use after one has gotten the system
set up. (Also, compatibility cuts both ways: it seems just as likely
to me that the clients with hardwired usernames are going to be ones
you want to connect as local users, as that they are going to be ones
you want to connect as global users. Maybe more likely, if you grant
the assumption that there will be more local than global users.)
It might be worth recalling the reason that we are going through this
pushup in the first place: Marc wants to be able to assign the same
username to two different users who want to access two different
databases. If he would be happy with the answer "give them two
different usernames", we'd not be having this discussion at all.
Do you think he will be happy with the answer "you can give them
the same username as long as it ends in '@'"? I think it's highly
unlikely that he'll be satisfied with that --- he wants to *not*
have constraints on the names he gives out for local users.
> Of course there are various
> degrees of hard-wiring, but what if the ISP admin updates to 7.3 and wants
> to turn on the feature for new clients? Does he tell all his existing
> clients that they must update their user names? Possibly, these users got
> their database access with a shell account and don't specify the user name
> at all because it defaults to the OS user name. Does that continue to
> work?
It works great if the ISP intends to make them all local users, which
seems more likely to me than the other case.
regards, tom lane
pgsql-hackers by date: