On Sun, Dec 31, 2023 at 2:20 PM Joe Conway <mail@joeconway.com> wrote:
> On 12/30/23 17:19, Michał Kłeczek wrote:
> >> On 30 Dec 2023, at 17:16, Eric Hanson <eric@aquameta.com> wrote:
> >>
> >> What do you think of adding a NO RESET option to the SET ROLE command?
> >
> > What I proposed some time ago is SET ROLE … GUARDED BY ‘password’, so
> > that you could later: RESET ROLE WITH ‘password'
>
> I like that too, but see it as a separate feature. FWIW that is also
> supported by the set_user extension referenced elsewhere on this thread.
IMHO, the best solution here would be a protocol message to change the
session user. The pooler could use that repeatedly on the same
session, but refuse to propagate such messages from client
connections.
--
Robert Haas
EDB: http://www.enterprisedb.com