Superuser can permit passwordless connections on postgres_fdw - postgresql.git - This is the main PostgreSQL git repository.

diff options

author	Andrew Dunstan	2019-12-20 05:53:34 +0000
committer	Andrew Dunstan	2019-12-20 05:53:34 +0000
commit	6136e94dcb88c50b6156aa646746565400e373d4 (patch)
tree	41c6d3367fdae86234a8b796cabcd65a0c61c0a8 /contrib/jsonb_plpython
parent	16a4e4aecd47da7a6c4e1ebc20f6dd1a13f9133b (diff)

Superuser can permit passwordless connections on postgres_fdw

Currently postgres_fdw doesn't permit a non-superuser to connect to a foreign server without specifying a password, or to use an authentication mechanism that doesn't use the password. This is to avoid using the settings and identity of the user running Postgres. However, this doesn't make sense for all authentication methods. We therefore allow a superuser to set "password_required 'false'" for user mappings for the postgres_fdw. The superuser must ensure that the foreign server won't try to rely solely on the server identity (e.g. trust, peer, ident) or use an authentication mechanism that relies on the password settings (e.g. md5, scram-sha-256). This feature is a prelude to better support for sslcert and sslkey settings in user mappings. Author: Craig Ringer. Discussion: https://postgr.es/m/075135da-545c-f958-fed0-5dcb462d6dae@2ndQuadrant.com

Diffstat (limited to 'contrib/jsonb_plpython')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: