On Thu, Jul 23, 2009 at 12:47, Lauris Ulmanis<lauris.ulmanis@mykoob.com> wrote:
> Hello!
>
>
>
> I posted you a message about slowness of creation users more than 500 000
> (#4919). It seems there is no workaround of this problem because of using
> pg_auth flat file.
>
>
>
> To override this problem is it possible to use LDAP authentification metod
> to identify each user and speed up system?
No. LDAP authentication still requires all the users to be created in
the database before they can log in. This is required so that they get
an oid in the system, that is used for all permissions checks and
ownership and such things.
The only thing you could do here is to map multiple users to the
*same* database user using pg_ident.conf, for example with a regular
expression. However, you then loose the ability to distinguish between
these users once they are logged in.
> How it will affect group roles
> for each user because we use groups roles to give Access to users to system
> objects? Because group roles will work only with postgres users not LDAP.
The PostgreSQL LDAP code currently has no support for groups.
> pgBouncer or pgPool uses Postgres users for connection pooling. Is there
> some more variants to use connection pooling without using postgres users?
Not that I know of.
--
Magnus Hagander
Self: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
