On 2015-05-19 10:53:10 -0400, Robert Haas wrote:
> That seems like a kludge to me. If the cookie leaks out somhow, which
> it will, then it'll be insecure. I think the way to do this is with a
> protocol extension that poolers can enable on request. Then they can
> just refuse to forward any "reset authorization" packets they get from
> their client. There's no backward-compatibility break because the
> pooler can know, from the server version, whether the server is new
> enough to support the new protocol messages.
That sounds like a worse approach to me. Don't you just need to hide the
session authorization bit in a function serverside to circumvent that?
Greetings,
Andres Freund