Обсуждение: Add ldapservice connection parameter
Currently there exists, only in pg_service.conf, the ability to look up connection parameters from a centralized LDAP server. This patch expands the usability of this by allowing it to be specified directly in a connection string instead of only in a pg_service.conf file.
Вложения
From: Andrew Jackson <andrewjackson947@gmail.com>
Sent: Monday, January 12, 2026 10:50
To: pgsql-hackers <pgsql-hackers@postgresql.org>
Subject: Add ldapservice connection parameter
Currently there exists, only in pg_service.conf, the ability to look
up connection parameters from a centralized LDAP server. This patch
expands the usability of this by allowing it to be specified directly in
a connection string instead of only in a pg_service.conf file.
Hi, Andrew,
I have one question, if LDAP has higher priority, we should put the its code to be before "service" logic, like:
+ if (ldapservice != NULL && strncmp(ldapservice, "ldap", 4) == 0) {
+ if (!ldapServiceLookup(ldapservice, options, errorMessage))
+ return 0; // return if LDAP processing succeeds.
/*
* We have to special-case the environment variable PGSERVICE here, since
* this is and should be called before inserting environment defaults for
* other connection options.
*/
if (service == NULL)
service = getenv("PGSERVICE");
/* If no service name given, nothing to do */
if (service == NULL)
return 0;
This will be consistent with how PG processes the pg_service.conf file.
See https://www.postgresql.org/docs/18/libpq-ldap.html
"Processing of pg_service.conf is terminated after a successful LDAP lookup, but is continued if the LDAP server cannot
becontacted."
Thanks,
Steven
Hi!
Thanks for your patch!
Adding to the one Steven wrote, I noticed one typo in the patch:
@@ -2337,7 +2337,7 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname
<term><literal>ldapservice</literal></term>
<listitem>
<para>
- This option specifies an LDAP query that can be used to reference connection paremeters
+ This option specifies an LDAP query that can be used to reference connection parameters
stored in an LDAP server. This functionality is described in more detail in <xref linkend="libpq-ldap"/>.
</para>
paremeters -> parameters
--
Best regards,
Roman Khapov
Steven and Roman, Thank you for the review. Here is an updated patch that addresses both of these issues. On Mon, Jan 12, 2026 at 4:06 AM Roman Khapov <rkhapov@yandex-team.ru> wrote: > > Hi! > > Thanks for your patch! > > Adding to the one Steven wrote, I noticed one typo in the patch: > > @@ -2337,7 +2337,7 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname > <term><literal>ldapservice</literal></term> > <listitem> > <para> > - This option specifies an LDAP query that can be used to reference connection paremeters > + This option specifies an LDAP query that can be used to reference connection parameters > stored in an LDAP server. This functionality is described in more detail in <xref linkend="libpq-ldap"/>. > </para> > > paremeters -> parameters > > -- > Best regards, > Roman Khapov