Re: Periodic authorization expiration checks using GoAway message

Jacob Champion <jacob.champion@enterprisedb.com>

From: Jacob Champion <jacob.champion@enterprisedb.com>
To: Jelte Fennema-Nio <postgres@jeltef.nl>
Cc: Hannu Krosing <hannuk@google.com>, Ajit Awekar <ajitpostgres@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>, Dave Cramer <davecramer@gmail.com>, Heikki Linnakangas <hlinnaka@iki.fi>
Date: 2025-12-15T17:31:33Z
Lists: pgsql-hackers
On Mon, Dec 15, 2025 at 9:28 AM Jelte Fennema-Nio <postgres@jeltef.nl> wrote:
> To clarify: I meant the timeout as a backstop in this flow. Once the
> client receives a 'R' message it should be re-authenticating ASAP. But
> if it still had some messages in flight, the server can still choose
> to process them during a grace period.

But it seems iffy to change authentication metadata associated with
the connection halfway through a transaction, no? Am I missing
something that makes that architecturally safe?

--Jacob