Thread

  1. Position of ClientAuthentication hook

    Rafia Sabih <rafia.pghackers@gmail.com> — 2021-06-14T12:51:39Z

    Hello hackers,
    
    I have a doubt regarding the positioning of clientAuthentication hook
    in function ClientAuthentication. Particularly, in case of hba errors,
    i.e. cases uaReject or uaImplicitReject it errors out, leading to no
    calls to any functions attached to the authentication hook. Can't we
    process the hook function first and then error out...?
    
    -- 
    Regards,
    Rafia Sabih
    
    
    
    
  2. Re: Position of ClientAuthentication hook

    Robert Haas <robertmhaas@gmail.com> — 2021-06-14T19:04:37Z

    On Mon, Jun 14, 2021 at 8:51 AM Rafia Sabih <rafia.pghackers@gmail.com> wrote:
    > I have a doubt regarding the positioning of clientAuthentication hook
    > in function ClientAuthentication. Particularly, in case of hba errors,
    > i.e. cases uaReject or uaImplicitReject it errors out, leading to no
    > calls to any functions attached to the authentication hook. Can't we
    > process the hook function first and then error out...?
    
    Maybe. One potential problem is that if the hook errors out, the
    original error would be lost and only the error thrown by the hook
    would be logged or visible to the client. Whether or not that's a
    problem depends, I suppose, on what you're trying to do with the hook.
    
    -- 
    Robert Haas
    EDB: http://www.enterprisedb.com
    
    
    
    
  3. Re: Position of ClientAuthentication hook

    Rafia Sabih <rafia.pghackers@gmail.com> — 2021-06-16T09:20:12Z

    On Mon, 14 Jun 2021 at 21:04, Robert Haas <robertmhaas@gmail.com> wrote:
    >
    > On Mon, Jun 14, 2021 at 8:51 AM Rafia Sabih <rafia.pghackers@gmail.com> wrote:
    > > I have a doubt regarding the positioning of clientAuthentication hook
    > > in function ClientAuthentication. Particularly, in case of hba errors,
    > > i.e. cases uaReject or uaImplicitReject it errors out, leading to no
    > > calls to any functions attached to the authentication hook. Can't we
    > > process the hook function first and then error out...?
    >
    > Maybe. One potential problem is that if the hook errors out, the
    > original error would be lost and only the error thrown by the hook
    > would be logged or visible to the client. Whether or not that's a
    > problem depends, I suppose, on what you're trying to do with the hook.
    
    Thanks Robert for this quick clarification.
    
    
    -- 
    Regards,
    Rafia Sabih