Re: Periodic authorization expiration checks using GoAway message
Jacob Champion <jacob.champion@enterprisedb.com>
From: Jacob Champion <jacob.champion@enterprisedb.com>
To: Hannu Krosing <hannuk@google.com>
Cc: Jelte Fennema-Nio <postgres@jeltef.nl>,
Ajit Awekar <ajitpostgres@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>,
Dave Cramer <davecramer@gmail.com>, Heikki Linnakangas <hlinnaka@iki.fi>
Date: 2025-12-10T20:02:23Z
Lists: pgsql-hackers
(To call it out explicitly: I work with Ajit, and I asked him to take a look at GoAway, and I'm particularly interested in the "reauthenticate or else" case. Let me know if any of that is problematic -- or if anyone's worried that it will become so -- so I can course-correct sooner rather than later.) On Fri, Nov 28, 2025 at 9:52 AM Hannu Krosing <hannuk@google.com> wrote: > Also have not looked at the patch, but we should also make sure that > there is not just be GoAway, but also a way to re-authenticate or > "extend lease" or whatever the terminology is for a specific > authentication method. I agree. I like the idea of the server coordinating (and then enforcing) connection lifetime and cross-connection handoffs with the client, but like Jelte said, the current GoAway proposal isn't really built for that. Is there enough interest in the more general problem for us to try combining the use cases? Or should they remain separate? Thanks, --Jacob