Hi,
On 8/10/22 5:09 PM, Jacob Champion wrote:
> On Tue, Aug 9, 2022 at 3:39 AM Drouvot, Bertrand <bdrouvot@amazon.com> wrote:
>> Agree that it makes sense to work on those patches in this particular
>> order then.
> Sounds good. The ClientConnectionInfo patch (previously 0002) is
> attached, with the SQL function removed.
Thanks for the patch!
Looking at:
+typedef struct
+{
+ /*
+ * Authenticated identity. The meaning of this identifier is
dependent on
+ * hba->auth_method; it is the identity (if any) that the user
presented
+ * during the authentication cycle, before they were assigned a
database
+ * role. (It is effectively the "SYSTEM-USERNAME" of a pg_ident
usermap
+ * -- though the exact string in use may be different, depending on
pg_hba
+ * options.)
+ *
+ * authn_id is NULL if the user has not actually been
authenticated, for
+ * example if the "trust" auth method is in use.
+ */
+ const char *authn_id;
+} ClientConnectionInfo;
What do you think about adding a second field in ClientConnectionInfo
for the auth method (as suggested by Michael upthread)?
That will be needed by the SYSTEM_USER patch (that its current version
implements as "auth_method:identity").
Thanks,
--
Bertrand Drouvot
Amazon Web Services: https://aws.amazon.com