From: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> |
---|---|
To: | Dmitry Igrishin <dmitigr(at)gmail(dot)com> |
Cc: | oleg yusim <olegyusim(at)gmail(dot)com>, PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Session Identifiers |
Date: | 2015-12-20 16:44:24 |
Message-ID: | CAFj8pRBd68erVN7N50nMnOad2z_hAn2mK4D7orMHxAdLJ9HzEA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
2015-12-20 17:30 GMT+01:00 Dmitry Igrishin <dmitigr(at)gmail(dot)com>:
> Can be totally different if you use some connection pooler like pgpool or
>> pgbouncer - these applications can reuse Postgres server sessions for more
>> user sessions.
>>
> BTW, AFAIK, it's not possible to change the session authentication
> information by
> using SET SESSION AUTHORIZATION [1] if the current user is not a superuser.
> But it would be very nice to have a feature to change the session
> authorization
> of current user even without superuser's privilege by supplying a password
> of
> the user specified in SET SESSION AUTHORIZATION. This feature allows
> to use PostgreSQL's native privileges via connection pools -- i.e. without
> needs to open a dedicated connection for authenticated user. Is it possible
> to implement it?
>
there is a workaround with security definer function and SET role TO ?
Pavel
>
> [1]
> http://www.postgresql.org/docs/9.4/static/sql-set-session-authorization.html
>
From | Date | Subject | |
---|---|---|---|
Next Message | oleg yusim | 2015-12-20 16:52:18 | Re: Session Identifiers |
Previous Message | Dmitry Igrishin | 2015-12-20 16:30:47 | Re: Session Identifiers |