Thread

  1. Re: Periodic authorization expiration checks using GoAway message

    Jacob Champion <jacob.champion@enterprisedb.com> — 2025-12-16T19:53:55Z

    On Mon, Dec 15, 2025 at 1:50 PM Jelte Fennema-Nio <postgres@jeltef.nl> wrote:
    > What metadata
    > are you worried about changing mid transaction that could mess stuff
    > up? The primary one I can imagine is the username
    
    The HBA inputs can't be allowed to change; that's not what I'm worried about.
    
    The system_user might change. Cached SCRAM keys can change. Every
    certificate-derived piece of metadata in sslinfo could change.
    MyProcPort->peer and MyProcPort->gss might be wholly reassigned. And
    any user-metadata functions provided by OAuth validator modules would
    need to carefully consider their volatility guarantees at minimum.
    There's probably more.
    
    --Jacob