Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1s6uL6-002P3z-3Q
	for pgsql-general@arkaria.postgresql.org; Tue, 14 May 2024 15:45:17 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1s6uL6-00GSWt-5v
	for pgsql-general@arkaria.postgresql.org; Tue, 14 May 2024 15:45:16 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1s6uL5-00GSWk-S8
	for pgsql-general@lists.postgresql.org; Tue, 14 May 2024 15:45:15 +0000
Received: from sss.pgh.pa.us ([68.162.161.243])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1s6uL3-000BEu-9R
	for pgsql-general@postgresql.org; Tue, 14 May 2024 15:45:14 +0000
Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1])
	by sss.pgh.pa.us (8.15.2/8.15.2) with ESMTP id 44EFj93B1102604;
	Tue, 14 May 2024 11:45:09 -0400
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Adrian Klaver <adrian.klaver@aklaver.com>
cc: Rama Krishnan <raghuldrag@gmail.com>,
        Postgres General <pgsql-general@postgresql.org>
Subject: Re: Valid until
In-reply-to: <7dff9a17-744d-437b-847c-18c161c8a901@aklaver.com>
References: <CAJWX+EOModYYe-LDVP_1zceryEd186u=pcaTE6Sb_9XMtjhWKA@mail.gmail.com> <7dff9a17-744d-437b-847c-18c161c8a901@aklaver.com>
Comments: In-reply-to Adrian Klaver <adrian.klaver@aklaver.com>
	message dated "Tue, 14 May 2024 08:27:02 -0700"
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <1102602.1715701509.1@sss.pgh.pa.us>
Date: Tue, 14 May 2024 11:45:09 -0400
Message-ID: <1102603.1715701509@sss.pgh.pa.us>
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/1102603.1715701509%40sss.pgh.pa.us>
Precedence: bulk

Adrian Klaver <adrian.klaver@aklaver.com> writes:
> On 5/14/24 00:57, Rama Krishnan wrote:
>> I recently set a user's password validity to "2024-05-13", but despite 
>> this, the user is still able to connect to the database. Is this a bug, 
>> or is the "valid until" parameter just for identification purposes, 
>> indicating when the password will expire?

>      The VALID UNTIL clause sets a date and time after which the role's 
> password is no longer valid. If this clause is omitted the password will 
> be valid for all time.

The important point there is that the *password* is not usable after
the specified date.  If the user logs in via some non-password-based
authentication method, that's fine (and it's on the infrastructure
of that auth method to enforce whatever restrictions it thinks are
appropriate).

			regards, tom lane