Re: [HACKERS] security hook on authorization

2010-10-26 Thread Robert Haas
On Mon, Oct 25, 2010 at 9:45 PM, Robert Haas robertmh...@gmail.com wrote: Oh.  You know, I am realizing that I misread this patch.  This hook is actually after authentication has been done; it's merely before we've told the client what happened.  So maybe this is committable as-is, modulo some

Re: [HACKERS] security hook on authorization

2010-10-25 Thread KaiGai Kohei
Sorry for this late responding. I got a cold later half of the last week. (2010/10/20 12:10), Robert Haas wrote: On Wed, Oct 13, 2010 at 2:13 AM, Robert Haasrobertmh...@gmail.com wrote: 2010/8/24 KaiGai Koheikai...@ak.jp.nec.com: I tried to revise the patch. It allows plugins to get control

Re: [HACKERS] security hook on authorization

2010-10-25 Thread Robert Haas
On Mon, Oct 25, 2010 at 8:51 AM, KaiGai Kohei kai...@kaigai.gr.jp wrote: One possible candidate is CheckMyDatabase() that checks ACL_CONNECT permission for the required database prior to execution of all the queries. Currently, we don't have any security hook around here. But, if we have

Re: [HACKERS] security hook on authorization

2010-10-25 Thread kaigai
On Mon, 25 Oct 2010 21:45:23 -0400 Robert Haas robertmh...@gmail.com wrote: On Mon, Oct 25, 2010 at 8:51 AM, KaiGai Kohei kai...@kaigai.gr.jp wrote: One possible candidate is CheckMyDatabase() that checks ACL_CONNECT permission for the required database prior to execution of all the

Re: [HACKERS] security hook on authorization

2010-10-19 Thread Robert Haas
On Wed, Oct 13, 2010 at 2:13 AM, Robert Haas robertmh...@gmail.com wrote: 2010/8/24 KaiGai Kohei kai...@ak.jp.nec.com: I tried to revise the patch. It allows plugins to get control next to client authentication, but before returning the status to users. This change enables plugins which

Re: [HACKERS] security hook on authorization

2010-10-13 Thread Robert Haas
2010/8/24 KaiGai Kohei kai...@ak.jp.nec.com: I tried to revise the patch. It allows plugins to get control next to client authentication, but before returning the status to users. This change enables plugins which should be invoked on authentication failed to utilize this hook, not only

Re: [HACKERS] security hook on authorization

2010-08-24 Thread KaiGai Kohei
I tried to revise the patch. It allows plugins to get control next to client authentication, but before returning the status to users. This change enables plugins which should be invoked on authentication failed to utilize this hook, not only assignment of session security label. At the same

Re: [HACKERS] security hook on authorization

2010-08-23 Thread KaiGai Kohei
(2010/08/22 21:38), KaiGai Kohei wrote: (2010/08/22 0:20), Robert Haas wrote: On Aug 20, 2010, at 8:27 PM, KaiGai Koheikai...@kaigai.gr.jp wrote: (2010/08/20 23:34), Robert Haas wrote: 2010/8/19 KaiGai Koheikai...@ak.jp.nec.com: I think our standard criteria for the inclusion of hooks is that

Re: [HACKERS] security hook on authorization

2010-08-22 Thread KaiGai Kohei
(2010/08/22 0:20), Robert Haas wrote: On Aug 20, 2010, at 8:27 PM, KaiGai Koheikai...@kaigai.gr.jp wrote: (2010/08/20 23:34), Robert Haas wrote: 2010/8/19 KaiGai Koheikai...@ak.jp.nec.com: I think our standard criteria for the inclusion of hooks is that you must demonstrate that the hook can

Re: [HACKERS] security hook on authorization

2010-08-21 Thread Robert Haas
On Aug 20, 2010, at 8:27 PM, KaiGai Kohei kai...@kaigai.gr.jp wrote: (2010/08/20 23:34), Robert Haas wrote: 2010/8/19 KaiGai Koheikai...@ak.jp.nec.com: I think our standard criteria for the inclusion of hooks is that you must demonstrate that the hook can be used to do something interesting

Re: [HACKERS] security hook on authorization

2010-08-20 Thread Robert Haas
2010/8/19 KaiGai Kohei kai...@ak.jp.nec.com: (2010/08/20 11:45), Robert Haas wrote: 2010/8/19 KaiGai Koheikai...@ak.jp.nec.com: I also plan to add a security hook on authorization time. It shall allow external security providers to set up credential of the authenticated clients. Please note

Re: [HACKERS] security hook on authorization

2010-08-20 Thread KaiGai Kohei
(2010/08/20 23:34), Robert Haas wrote: 2010/8/19 KaiGai Koheikai...@ak.jp.nec.com: (2010/08/20 11:45), Robert Haas wrote: 2010/8/19 KaiGai Koheikai...@ak.jp.nec.com: I also plan to add a security hook on authorization time. It shall allow external security providers to set up credential of

[HACKERS] security hook on authorization

2010-08-19 Thread KaiGai Kohei
I also plan to add a security hook on authorization time. It shall allow external security providers to set up credential of the authenticated clients. Please note that it is not intended to control authentication process. It is typically checked based on a pair of username and password. What I

Re: [HACKERS] security hook on authorization

2010-08-19 Thread Robert Haas
2010/8/19 KaiGai Kohei kai...@ak.jp.nec.com: I also plan to add a security hook on authorization time. It shall allow external security providers to set up credential of the authenticated clients. Please note that it is not intended to control authentication process. It is typically checked

Re: [HACKERS] security hook on authorization

2010-08-19 Thread KaiGai Kohei
(2010/08/20 11:45), Robert Haas wrote: 2010/8/19 KaiGai Koheikai...@ak.jp.nec.com: I also plan to add a security hook on authorization time. It shall allow external security providers to set up credential of the authenticated clients. Please note that it is not intended to control