From: | Ron <ronljohnsonjr(at)gmail(dot)com> |
---|---|
To: | pgsql-general(at)lists(dot)postgresql(dot)org |
Subject: | Re: Can the current session be notified and refreshed with a new credentials context? |
Date: | 2020-06-22 21:21:19 |
Message-ID: | 1fc4b6d1-e81f-2f8e-b958-18c13ac144e2@gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On 6/22/20 4:07 PM, AC Gomez wrote:
> Suppose you have the following scenario:
>
> 1: Call some function with a certain user and password
> 2: From inside that function, have several calls using DBLink
> 3: At some point during the running of that function a password rotation(a
> separate process) comes along and updates the session user password and
> the User Mappings with this new rotated password
> 4: Now there is a discrepancy between the password used when the session
> started and the password in the User Mappings
> 5: The result is that on the next DBLink call the main function will fail
> because the session is still running with the old password but we have
> changed the User Mappings.
>
> We have proven this by separating out every DBLINK call as its own new
> session and running password rotation in between dblink calls. Then things
> will work.
>
> My question: Is there a way to update or refresh the session with the new
> password that was rotated so that the main function keeps running
> seamlessly through all it's DBLink calls?
>
> If something like this is not available, then password rotation can _only
> run_ when nothing else is running.
I've not seen such a thing on *any* system.
--
Angular momentum makes the world go 'round.
From | Date | Subject | |
---|---|---|---|
Next Message | David G. Johnston | 2020-06-22 21:27:56 | Re: Can the current session be notified and refreshed with a new credentials context? |
Previous Message | Michael Lewis | 2020-06-22 21:08:41 | Re: autovacuum failing on pg_largeobject and disk usage of the pg_largeobject growing unchecked |