Thread
-
Re: Periodic authorization expiration checks using GoAway message
Jacob Champion <jacob.champion@enterprisedb.com> — 2025-12-16T19:53:55Z
On Mon, Dec 15, 2025 at 1:50 PM Jelte Fennema-Nio <postgres@jeltef.nl> wrote: > What metadata > are you worried about changing mid transaction that could mess stuff > up? The primary one I can imagine is the username The HBA inputs can't be allowed to change; that's not what I'm worried about. The system_user might change. Cached SCRAM keys can change. Every certificate-derived piece of metadata in sslinfo could change. MyProcPort->peer and MyProcPort->gss might be wholly reassigned. And any user-metadata functions provided by OAuth validator modules would need to carefully consider their volatility guarantees at minimum. There's probably more. --Jacob