Re: [pgAdmin4][Patch]- Feature #7012 - disable master password requirement when using alternative auth source

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Akshay Joshi <[email protected]>
To: Khushboo Vashi <[email protected]>
Cc: pgadmin-hackers <[email protected]>
Subject: Re: [pgAdmin4][Patch]- Feature #7012 - disable master password requirement when using alternative auth source
Date: Mon, 11 Apr 2022 13:49:49 +0530
Message-ID: <CANxoLDf_X=dbuhgoyiHNDNEXJB+bMJCDWME5HyYwthbkR1eyKg@mail.gmail.com> (raw)
In-Reply-To: <CAFOhELcrv+Rm0bBmXt1-c8NOpsaxinKi=QQTn491dbcUo2xjZA@mail.gmail.com>
References: <CAFOhELcrv+Rm0bBmXt1-c8NOpsaxinKi=QQTn491dbcUo2xjZA@mail.gmail.com>

Thanks, the patch applied.

On Mon, Apr 11, 2022 at 12:00 PM Khushboo Vashi <
[email protected]> wrote:

> Hi,
>
> Please find the attached patch to implement the feature #7012 - Disable
> master password requirement when using alternative auth source
>
> When pgAdmin stores a connection password, it encrypts it using a key that
> is formed either from the master password, or from the pgAdmin login
> password for the user. In the case of auth methods such as OAuth, Kerberos
> or Webserver, pgAdmin doesn't have access to anything long-lived to form
> the encryption key from, hence it uses the master password. And if the
> master is disabled, there is no way to store the connection password.
>
> To resolve this, we have added an option to config.py (which defaults to
> None) for an alternate encryption key. pgAdmin would use this if a) the
> master password is disabled AND b) there is no suitable key/password
> available from the auth module for the user. If the option is set to
> None, pgAdmin works as it does now.
>
> Thanks,
> Khushboo
>


-- 
*Thanks & Regards*
*Akshay Joshi*
*pgAdmin Hacker | Principal Software Architect*
*EDB Postgres <http://edbpostgres.com>*

*Mobile: +91 976-788-8246*

view thread (14+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected]
  Subject: Re: [pgAdmin4][Patch]- Feature #7012 - disable master password requirement when using alternative auth source
  In-Reply-To: <CANxoLDf_X=dbuhgoyiHNDNEXJB+bMJCDWME5HyYwthbkR1eyKg@mail.gmail.com>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox