Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1sU8Cg-000fGi-8w
	for pgsql-general@arkaria.postgresql.org; Wed, 17 Jul 2024 17:12:34 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1sU8Bg-003LPo-4D
	for pgsql-general@arkaria.postgresql.org; Wed, 17 Jul 2024 17:11:32 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1sU8Bf-003LPf-Px
	for pgsql-general@lists.postgresql.org; Wed, 17 Jul 2024 17:11:32 +0000
Received: from sss.pgh.pa.us ([68.162.161.243])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1sU8Bd-0003RA-O8
	for pgsql-general@lists.postgresql.org; Wed, 17 Jul 2024 17:11:30 +0000
Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1])
	by sss.pgh.pa.us (8.15.2/8.15.2) with ESMTP id 46HHBQFD3567052;
	Wed, 17 Jul 2024 13:11:27 -0400
From: Tom Lane <tgl@sss.pgh.pa.us>
To: "Gaisford, Phillip" <phillip.gaisford@hpe.com>
cc: "pgsql-general@lists.postgresql.org" <pgsql-general@lists.postgresql.org>
Subject: Re: Issue with configuration parameter "require_auth"
In-reply-to: <DM4PR84MB15178765743B35906D9F380D8DA32@DM4PR84MB1517.NAMPRD84.PROD.OUTLOOK.COM>
References: <DM4PR84MB15172CC4665076AB1248F3CC8DDF2@DM4PR84MB1517.NAMPRD84.PROD.OUTLOOK.COM> <3554314.1721229835@sss.pgh.pa.us> <DM4PR84MB15178765743B35906D9F380D8DA32@DM4PR84MB1517.NAMPRD84.PROD.OUTLOOK.COM>
Comments: In-reply-to "Gaisford, Phillip" <phillip.gaisford@hpe.com>
	message dated "Wed, 17 Jul 2024 16:17:16 -0000"
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-ID: <3567050.1721236286.1@sss.pgh.pa.us>
Content-Transfer-Encoding: quoted-printable
Date: Wed, 17 Jul 2024 13:11:26 -0400
Message-ID: <3567051.1721236286@sss.pgh.pa.us>
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/3567051.1721236286%40sss.pgh.pa.us>
Precedence: bulk

"Gaisford, Phillip" <phillip.gaisford@hpe.com> writes:
> So what would a connection URI using require_auth properly look like? He=
re=E2=80=99s what I have been trying:

> url: "postgres://postgres:postgres@localhost:5432/aioli?require_auth=3Dp=
assword&application_name=3Daioli-controller&sslmode=3Ddisable&sslrootcert=3D=
",

Hm, that looks right (and behaves as-expected here).

What version of what client-side stack are you using?  For me, libpq 16
and up recognize this parameter, while older versions fail with

psql: error: invalid URI query parameter: "require_auth"

If you're using some other client driver, maybe it doesn't know this
parameter and guesses that it should be passed to the server.

			regards, tom lane