In response to Tom Lane <tgl@sss.pgh.pa.us>:
> "Willy-Bas Loos" <willybas@gmail.com> writes:
> > Tom Lane wrote:
> >> I think that the
> >> main bottleneck would be the "flat file" that's used to tell the
> >> postmaster about the set of valid users --- every time a user is
> >> added/dropped/changed, that file gets rewritten and then re-parsed
> >> by the postmaster. So you could eat a lot of overhead if you change
> >> users every few seconds or something like that.
>
> > What you describe Tom (flat file), sounds a bit strange to me. Aren't users
> > stored in a table? (pg_catalog.pg_authid)
>
> Yeah, but the postmaster can't read pg_authid, nor any other table,
> because it's not logically connected to the database. So any change
> to pg_authid gets copied to a "flat" ASCII-text file for the postmaster.
Would using kerberos or some other external auth mechanism work around this?
--
Bill Moran
Collaborative Fusion Inc.