| From: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> |
|---|---|
| To: | Dmitry Igrishin <dmitigr(at)gmail(dot)com> |
| Cc: | oleg yusim <olegyusim(at)gmail(dot)com>, PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Session Identifiers |
| Date: | 2015-12-20 16:44:24 |
| Message-ID: | CAFj8pRBd68erVN7N50nMnOad2z_hAn2mK4D7orMHxAdLJ9HzEA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
2015-12-20 17:30 GMT+01:00 Dmitry Igrishin <dmitigr(at)gmail(dot)com>:
> Can be totally different if you use some connection pooler like pgpool or
>> pgbouncer - these applications can reuse Postgres server sessions for more
>> user sessions.
>>
> BTW, AFAIK, it's not possible to change the session authentication
> information by
> using SET SESSION AUTHORIZATION [1] if the current user is not a superuser.
> But it would be very nice to have a feature to change the session
> authorization
> of current user even without superuser's privilege by supplying a password
> of
> the user specified in SET SESSION AUTHORIZATION. This feature allows
> to use PostgreSQL's native privileges via connection pools -- i.e. without
> needs to open a dedicated connection for authenticated user. Is it possible
> to implement it?
>
there is a workaround with security definer function and SET role TO ?
Pavel
>
> [1]
> http://www.postgresql.org/docs/9.4/static/sql-set-session-authorization.html
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | oleg yusim | 2015-12-20 16:52:18 | Re: Session Identifiers |
| Previous Message | Dmitry Igrishin | 2015-12-20 16:30:47 | Re: Session Identifiers |