On 2/24/22 04:16, Aleksander Alekseev wrote: > Hi Samay, > >> I wanted to submit a patch to expose 2 new hooks (one for the authentication >> check and another one for error reporting) in auth.c. These will allow users >> to implement their own authentication methods for Postgres or add custom >> logic around authentication. > I like the idea - PostgreSQL is all about extendability. Also, well > done with TAP tests and an example extension. This being said, I > didn't look at the code yet, but cfbot seems to be happy with it: > http://cfbot.cputube.org/ > >> One constraint in the current implementation is that we allow only one >> authentication provider to be loaded at a time. In the future, we can add >> more functionality to maintain an array of hooks and call the appropriate >> one based on the provider name in the pg_hba line. > This sounds like a pretty severe and unnecessary limitation to me. Do > you think it would be difficult to bypass it in the first > implementation?
Yeah, I think we would want a set of providers that could be looked up at runtime. I think this is likely to me material for release 16, so there's plenty of time to get it right. cheers andrew -- Andrew Dunstan EDB: https://www.enterprisedb.com
