Re: SCRAM pass-through authentication for postgres_fdw

From: Matheus Alcantara <matheusssilv97(at)gmail(dot)com>
To: Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>
Cc: PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: SCRAM pass-through authentication for postgres_fdw
Date: 2024-12-09 18:06:11
Message-ID: 9983e6cb-08d1-4708-b17e-db4b56b55d84@gmail.com
Lists: pgsql-hackers

On 04/12/24 20:05, Jelte Fennema-Nio wrote:
> On Wed, 4 Dec 2024 at 23:11, Jacob Champion
> <jacob(dot)champion(at)enterprisedb(dot)com> wrote:
>> It makes me a little uneasy to give users a reason to copy identical
>> salts/verifiers around... But for e.g. a loopback connection, it seems
>> like there'd be no additional risk. Is that the target use case?
>
> I don't think that necessarily has to be the use case,
> clustering/sharding setups could benefit from this too. PgBouncer
> supports the same functionality[1]. I only see advantages over the
> alternative, which is copying the plaintext password around. In case
> of compromise of the server, only the salt+verifier has to be rotated,
> not the actual user password.
The patch is very similar to what was implemented in PgBouncer[1].

> Regarding the actual patch: This definitely needs a bunch of
> documentation explaining how to use this and when not to use this.
I'm attaching a patch with initial documentation, so that we can get
initial thoughts (not sure if I should put the documentation in the
same patch as the code changes).

Thanks!

[1]
https://github.com/pgbouncer/pgbouncer/commit/ba1abfe#diff-128a3f9ffa6a6f3863e843089ede6d07010215acf49c66b2d1f1d9baba2f49e7R1001

--
Matheus Alcantara
EDB: https://www.enterprisedb.com

Attachment Content-Type Size
v2-0002-postgres_fdw-Add-documentation-for-SCRAM-auth.patch text/plain 1.5 KB
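
Added example, not part of the email or of the attached patch: a Python sketch of the salt+verifier pair the thread discusses, showing that two verifiers for one password match only when the salt is copied, and that a new salt gives a new verifier while the password stays the same. It uses the RFC 5802 key derivation and the `SCRAM-SHA-256$<iterations>:<salt>$<StoredKey>:<ServerKey>` layout PostgreSQL stores; the function names, the sample password and the fixed salt are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
import os


def build_verifier(password: str, salt: bytes, iterations: int = 4096) -> str:
    """Derive StoredKey/ServerKey (RFC 5802) and format them as a verifier."""
    # Assumption: ASCII password, so SASLprep normalization changes nothing.
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    enc = lambda raw: base64.b64encode(raw).decode()
    return (f"SCRAM-SHA-256${iterations}:{enc(salt)}"
            f"${enc(stored_key)}:{enc(server_key)}")


def parse_verifier(verifier: str):
    """Split a verifier into (iterations, salt, stored_key, server_key)."""
    scheme, params, keys = verifier.split("$")
    if scheme != "SCRAM-SHA-256":
        raise ValueError("not a SCRAM-SHA-256 verifier")
    iterations, salt = params.split(":")
    stored_key, server_key = keys.split(":")
    return (int(iterations), base64.b64decode(salt),
            base64.b64decode(stored_key), base64.b64decode(server_key))


def password_matches(password: str, verifier: str) -> bool:
    """Re-derive the verifier with its own salt and compare in constant time."""
    iterations, salt, _, _ = parse_verifier(verifier)
    return hmac.compare_digest(build_verifier(password, salt, iterations), verifier)


def rotate_verifier(password: str, iterations: int = 4096) -> str:
    """New random salt, same password: a different salt+verifier pair."""
    return build_verifier(password, os.urandom(16), iterations)


if __name__ == "__main__":
    password = "constructed-sample-password"     # constructed sample value
    shared_salt = bytes(range(16))               # constructed fixed salt
    server_a = build_verifier(password, shared_salt)
    server_b = build_verifier(password, shared_salt)  # salt copied: identical
    rotated = rotate_verifier(password)               # fresh salt: differs
    print(server_a == server_b, server_a == rotated,
          password_matches(password, rotated))
```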
