Re: Thoughts on pg_hba.conf rejection

Robert Haas <robertmhaas@gmail.com>

From: Robert Haas <robertmhaas@gmail.com>
To: Simon Riggs <simon@2ndquadrant.com>
Cc: Alvaro Herrera <alvherre@commandprompt.com>, Tom Lane <tgl@sss.pgh.pa.us>, Stephen Frost <sfrost@snowman.net>, Bruce Momjian <bruce@momjian.us>, Aidan Van Dyk <aidan@highrise.ca>, Joshua Tolley <eggyknap@gmail.com>, pgsql-hackers@postgresql.org
Date: 2010-04-19T21:52:56Z
Lists: pgsql-hackers
On Mon, Apr 19, 2010 at 5:22 PM, Simon Riggs <simon@2ndquadrant.com> wrote:
> On Mon, 2010-04-19 at 17:08 -0400, Robert Haas wrote:
>
>> Oh.  Then I'm confused.  Tom said: "as of 9.0, it's necessary to
>> connect to some database in order to proceed with auth checking".  Why
>> is that necessary
>
> It's not, I just explained how to do it without.

Your explanation seems to presuppose that we somehow can't process the
database-specific rules before selecting a database.  I don't
understand why that would be the case.  Why can't we just check all
the rules and then, if we decide to allow the connection, select the
database?

...Robert