Re: Add ldapservice connection parameter

From: Andrew Jackson <andrewjackson947@gmail.com>
Sent: Monday, January 12, 2026 10:50
To: pgsql-hackers <pgsql-hackers@postgresql.org>
Subject: Add ldapservice connection parameter


Currently there exists, only in pg_service.conf, the ability to look
up connection parameters from a centralized LDAP server. This patch
expands the usability of this by allowing it to be specified directly in
a connection string instead of only in a pg_service.conf file.


Hi, Andrew,

I have one question, if LDAP has higher priority, we should put the its code to be before "service" logic, like:

+    if (ldapservice != NULL && strncmp(ldapservice, "ldap", 4) == 0) {
+          if (!ldapServiceLookup(ldapservice, options, errorMessage))
+              return 0;  // return if LDAP processing succeeds.

    /*
     * We have to special-case the environment variable PGSERVICE here, since
     * this is and should be called before inserting environment defaults for
     * other connection options.
     */
    if (service == NULL)
        service = getenv("PGSERVICE");

    /* If no service name given, nothing to do */
    if (service == NULL)
        return 0;

This will be consistent with how PG processes the pg_service.conf file.
See https://www.postgresql.org/docs/18/libpq-ldap.html
"Processing of pg_service.conf is terminated after a successful LDAP lookup, but is continued if the LDAP server cannot
becontacted." 

Thanks,
Steven