Re: [GENERAL] [HACKERS] USER Profiles for PostgreSQL - Mailing list pgsql-hackers

From chiru r
Subject Re: [GENERAL] [HACKERS] USER Profiles for PostgreSQL
Date
Msg-id CA+RSxMhT4hBbK2DYxdKuGt4y9JDjX=XoQo_iScU5HM1ntoRopg@mail.gmail.com
Whole thread Raw
In response to Re: [GENERAL] [HACKERS] USER Profiles for PostgreSQL  (Bruce Momjian <bruce@momjian.us>)
List pgsql-hackers
Yes, LDAP will do. However we need to sync the user accounts and  groups between AD and PG servers.and then AD profiles will apply to PG user accounts for authentication.

It is good if we have user profiles in core PostgreSQL database system. So it will add more security.

Thanks,
Chiranjeevi

On Tue, Sep 19, 2017 at 3:09 PM, Bruce Momjian <bruce@momjian.us> wrote:
On Tue, Sep 19, 2017 at 01:28:11PM -0400, Stephen Frost wrote:
> Tom,
>
> * Tom Lane (tgl@sss.pgh.pa.us) wrote:
> > chiru r <chirupg@gmail.com> writes:
> > > We are looking  for User profiles in ope source PostgreSQL.
> > > For example, If a  user password failed n+ times while login ,the user
> > > access has to be blocked few seconds.
> > > Please let us know, is there any plan to implement user profiles in feature
> > > releases?.
> >
> > Not particularly.  You can do that sort of thing already via PAM,
> > for example.
>
> Ugh, hardly and it's hokey and a huge pain to do, and only works on
> platforms that have PAM.
>
> Better is to use an external authentication system (Kerberos, for
> example) which can deal with this, but I do think this is also something
> we should be considering for core, especially now that we've got a
> reasonable password-based authentication method with SCRAM.

Does LDAP do this too?

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +

pgsql-hackers by date:

Previous
From: Jeff Janes
Date:
Subject: Re: [HACKERS] Create replication slot in pg_basebackup if requestedand not yet present
Next
From: Andrew Dunstan
Date:
Subject: Re: [HACKERS] Show backtrace when tap tests fail