Thread: How to determine if a user exists..

How to determine if a user exists..

From
"Dominic J. Eidson"
Date:
I am trying to add another authentication mechanism to PostgreSQL... And,
in doing that, I need to verify the existance of an user within PG. Short
of hacking together code from verify_password(), is there any way to check
if a user exists in postgresql? (The actuall password verification will be
taken care of elsewhere... I just need to check if the user exists.)


thanks,
-- 
Dominic J. Eidson                                       "Baruk Khazad! Khazad ai-menu!" - Gimli
-------------------------------------------------------------------------------
http://www.the-infinite.org/              http://www.the-infinite.org/~dominic/



Re: How to determine if a user exists..

From
Joel Burton
Date:
On Mon, 23 Apr 2001, Dominic J. Eidson wrote:

> I am trying to add another authentication mechanism to PostgreSQL... And,
> in doing that, I need to verify the existance of an user within PG. Short
> of hacking together code from verify_password(), is there any way to check
> if a user exists in postgresql? (The actuall password verification will be
> taken care of elsewhere... I just need to check if the user exists.)

pg_user holds users

(passwords in pg_shadow)

HTH,
-- 
Joel Burton   <jburton@scw.org>
Director of Information Systems, Support Center of Washington



Re: How to determine if a user exists..

From
"Dominic J. Eidson"
Date:
On Mon, 23 Apr 2001, Joel Burton wrote:

> pg_user holds users
> 
> (passwords in pg_shadow)

I doubt the -hackers people would let me add SPI_* stuff into libpq, just
to retrieve whether a user exists or not.. My first thought was to check
the existance of users against $PGDATA/pg_pwd... One question I'd have
there, is whether pg_pwd always exists (or, can be relied upon existing.)?



-- 
Dominic J. Eidson                                       "Baruk Khazad! Khazad ai-menu!" - Gimli
-------------------------------------------------------------------------------
http://www.the-infinite.org/              http://www.the-infinite.org/~dominic/



Re: How to determine if a user exists..

From
"Dominic J. Eidson"
Date:
On Mon, 23 Apr 2001, Tom Lane wrote:

> If you're trying to do this from the postmaster, I think the only way is
> to look at $PGDATA/global/pg_pwd, which is a flat-file version of
> pg_shadow.

This is what I thought - thanks.


-- 
Dominic J. Eidson                                       "Baruk Khazad! Khazad ai-menu!" - Gimli
-------------------------------------------------------------------------------
http://www.the-infinite.org/              http://www.the-infinite.org/~dominic/



Re: How to determine if a user exists..

From
Tom Lane
Date:
"Dominic J. Eidson" <sauron@the-infinite.org> writes:
> I am trying to add another authentication mechanism to PostgreSQL... And,
> in doing that, I need to verify the existance of an user within PG. Short
> of hacking together code from verify_password(), is there any way to check
> if a user exists in postgresql?

If you're trying to do this from the postmaster, I think the only way is
to look at $PGDATA/global/pg_pwd, which is a flat-file version of
pg_shadow.

You'd be well advised to study the existing verification mechanisms in
src/backend/libpq/.
        regards, tom lane


Re: Re: How to determine if a user exists..

From
Peter Eisentraut
Date:
Dominic J. Eidson writes:

> On Mon, 23 Apr 2001, Joel Burton wrote:
>
> > pg_user holds users
> >
> > (passwords in pg_shadow)
>
> I doubt the -hackers people would let me add SPI_* stuff into libpq, just
> to retrieve whether a user exists or not..

You wouldn't have to do that.  There are better ways to read system tables
in the backend.  See FAQ_DEV.

> My first thought was to check
> the existance of users against $PGDATA/pg_pwd... One question I'd have
> there, is whether pg_pwd always exists (or, can be relied upon existing.)?

No it doesn't and no you can't.

The best way to verify a user's existence in the context of a new
authentication method is to not do that at all.  None of the other methods
do it, the existence of a user is checked when authentication has
completed and the backend starts.

-- 
Peter Eisentraut   peter_e@gmx.net   http://funkturm.homeip.net/~peter