| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Valery Popov <v(dot)popov(at)postgrespro(dot)ru> |
| Cc: | Dmitry Dolgov <9erthalion6(at)gmail(dot)com>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [REVIEW]: Password identifiers, protocol aging and SCRAM protocol |
| Date: | 2016-03-02 11:55:17 |
| Message-ID: | CAB7nPqQxdgQRien=dCJuCPfHvPhsMTkvdU8S3vvNn5+9OAZj8w@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Mar 2, 2016 at 5:43 PM, Valery Popov <v(dot)popov(at)postgrespro(dot)ru> wrote:
>
>>> <para>
>>> <varname>db_user_namespace</> causes the client's and
>>> server's user name representation to differ.
>>> Authentication checks are always done with the server's user name
>>> so authentication methods must be configured for the
>>> server's user name, not the client's. Because
>>> <literal>md5</> uses the user name as salt on both the
>>> client and server, <literal>md5</> cannot be used with
>>> <varname>db_user_namespace</>.
>>> </para>
>
> Also in doc/src/sgml/ref/create_role.sgml is should be instead of
> <term>PASSWORD VERIFIERS ( <replaceable
> class="PARAMETER">verifier_type</replaceable> = '<replaceable
> class="PARAMETER">password</replaceable>'</term>
> like this
> <term><literal>PASSWORD VERIFIERS</> ( <replaceable
> class="PARAMETER">verifier_type</replaceable> = '<replaceable
> class="PARAMETER">password</replaceable>'</term>
So the <literal> markup is missing. Thanks. I am taking note of it.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2016-03-02 12:19:27 | Re: Commitfest Bug (was: Re: Reusing abbreviated keys during second pass of ordered [set] aggregates) |
| Previous Message | Simon Riggs | 2016-03-02 10:57:52 | Re: [NOVICE] WHERE clause not used when index is used |