Re: localhost ssl

On 1/22/21 3:54 PM, Adrian Klaver wrote:
> On 1/22/21 2:48 PM, Rob Sargent wrote:
>>
>> Honest, I've been reading 18.9 but as you can see it uses CN for host
>> and then 20.12 suggests using CN for role.
>
> Difference between server certificate and client certificate.
>
> To get a handle on this is going to take an outline of what your
> authentication needs are?
>
>
>>
>> Yes, I'm confused.  As I said in reply to Jeff, I would rather not
>> need to remember to set the search_path, which I can avoid if I login
>> as "role".
>
> I have not seen that conversation and I do not see it in the archive
> either. Is that off-list, different thread, something else?
>
>
I missed reply-all on responding to Jeff. Here is that for the list:

> This is what I use. We have a user and schema per client in a
multi->tenant database, as in user = bob, schema = bob, database =
our_company
>
> alter user bob set search_path to bob,our_company_common,public;
>
> Not sure your use case is the same though...

Yes, my case is very similar. I just want to avoid needing to remember
to set the search_path every time. Since I alter the role to have a
specific search_path as follows, all I need to do is login as "bob":

create schema if not exists sgstemplate\p\g
create role sgstemplate with login encrypted password '<SOMETHING>'\p\g
alter role sgstemplate set search_path=sgstemplate,base,public\p\g
grant connect on database PROJDB to sgstemplate\p\g

"sgstemplate" gets reset by "sed s/sgstemplate/bob/g"

I only wish I could set a default database as well, but IMHO that's a
failing of JDBC as much as postgres.
>