Re: [v9.1] Add security hook on initialization of instance
Stephen Frost <sfrost@snowman.net>
From: Stephen Frost <sfrost@snowman.net>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Robert Haas <robertmhaas@gmail.com>, KaiGai Kohei <kaigai@ak.jp.nec.com>, KaiGai Kohei <kaigai@kaigai.gr.jp>, pgsql-hackers@postgresql.org
Date: 2010-07-08T14:42:51Z
Lists: pgsql-hackers
* Tom Lane (tgl@sss.pgh.pa.us) wrote: > Maybe so, but the proposed hook placement doesn't actually allow a > plugin module to be "involved" in the authorization --- we've already > decided the authorization is OK. All it can do there is some additional > initialization, which could equally well be done on first use (if any) > of the additional information. Right, I agree that the existing patch isn't what should be done here. > There might be some value in letting a plugin actually have some control > over the authentication process, but I'm not sure offhand what a > reasonable hook design would be. Definitely needs more thought, but that's the direction that I think makes more sense. Thanks! Stephen