On Mon, Aug 6, 2018 at 8:52 AM, Craig Ringer <craig@2ndquadrant.com> wrote:
> Currently postgres_fdw cannot be used with 'cert' authentication, i.e.
> client-certificate validation and cert cn => postgres username mapping. You
> also can't use things like Kerberos, SSPI, etc with a superuser-created FDW
> and username map.
>
> To permit this, I'd like to allow postgres_fdw user mappings to be created
> with a new 'permit_passwordless' option. Only the superuser is allowed to
> create such a mapping. If it's set to true, we bypass the
> check_conn_params(...) connection-string password check and the
> connect_pg_server(...) check for the conn using a password when a
> non-superuser establishes a connection.
Note that ab3f008a2dc364cf7fb75de0a691fb0c61586c8e provides some
relief -- if the superuser creates a view, then as of 11, the checks
won't be applied when unprivileged users select from the view.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company