Participants
Daniel Farina
Daniel Farina
Tom Lane
Tom Lane
Attachments

No attachments in this thread

Thread Outline
#1Daniel FarinaDaniel Farina
Oct 29, 2013
#2Tom LaneTom Laneto Daniel Farina (#1)
Oct 29, 2013
#3Daniel FarinaDaniel Farinato Tom Lane (#2)
Oct 29, 2013

What hook would you recommend for "one time, post authentication"?

Started by Daniel Farinaabout 12 years ago3 messages
#1Daniel Farina
Daniel Farina
daniel@heroku.com

What hook would you recommend that matches this criteria:

* Runs post-authentication

* ..Once

I was putting together a little extension module[0]https://github.com/fdr/pg_connlimit intended to do
connection limits out-of-band with the catalog (so that hot standbys
and primaries can have different imposed connection limits), but am
stymied because I can't locate a hook matching this description.

My general approach has been to try to use
GetUserNameFromId(GetSessionUserId()), but this requires
InitializeSessionUserId be called first, and that has been causing me
some trouble.

ClientAuthentication_hook is too early (authentication has not yet
happened, InitializeSessionUserId has not been called). Many of the
other hooks are run per query (like the Executor hooks). And,
postinit.c is not giving me a lot of clues here and nothing with the
lexeme 'hook' is giving me a lot of confidence as seen in
typedefs.list/grep.

I appreciate any advice one can supply, thank you.

[0]: https://github.com/fdr/pg_connlimit

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

#2Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: Daniel Farina (#1)
Re: What hook would you recommend for "one time, post authentication"?

Daniel Farina <daniel@heroku.com> writes:

What hook would you recommend that matches this criteria:
* Runs post-authentication

* ..Once

ClientAuthentication_hook

My general approach has been to try to use
GetUserNameFromId(GetSessionUserId()), but this requires
InitializeSessionUserId be called first, and that has been causing me
some trouble.

So don't do that. The HBA code uses

roleid = get_role_oid(port->user_name, true);

and actually if you just want the string form you could use
port->user_name without any extra pushups (bearing in mind that
it might or might not be a valid user name).

regards, tom lane

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

#3Daniel Farina
Daniel Farina
daniel@heroku.com
In reply to: Tom Lane (#2)
Re: What hook would you recommend for "one time, post authentication"?

On Mon, Oct 28, 2013 at 6:27 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:

roleid = get_role_oid(port->user_name, true);

Thank you for that, that appears to work very well to my purpose, as
does ClientAuthentication_hook, now.

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

← Back to Topics