Re: [PATCH] Expose port->authn_id to extensions and triggers
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Jacob Champion <pchampion@vmware.com>
Cc: "tgl@sss.pgh.pa.us" <tgl@sss.pgh.pa.us>, "rjuju123@gmail.com" <rjuju123@gmail.com>, "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>, "andres@anarazel.de" <andres@anarazel.de>, "sfrost@snowman.net" <sfrost@snowman.net>
Date: 2022-04-06T11:09:36Z
Lists: pgsql-hackers
On Tue, Apr 05, 2022 at 06:23:06PM +0000, Jacob Champion wrote: > Whether it holds meaning or not depends entirely on the auth method, I > think. Hypothetical example -- a system could accept client > certificates with an empty Subject. What identity that Subject > represents would depend on the organization, but it's distinct from > NULL/unauthenticated because the certificate is still signed by a CA. Interesting point. > The current patch already handles NULL with a byte of overhead; is > there any advantage to using noError? (It might make things messier > once a second member gets added to the struct.) My concern was directed > at the GUC proposal. FWIW, I am a bit concerned by this approach because it feels inconsistent with any other conditional fields passed down from the parallel leader to its workers. And if we need to add more fields to ParallelProcInfo in the future, it will be cleaner to use different TOC keys to pass down different fields anyway, no? -- Michael
Commits
-
Remove initialization of MyClientConnectionInfo at backend startup
- 701ac2cb1fa2 16.0 landed
-
Allow parallel workers to retrieve some data from Port
- d951052a9e02 16.0 landed