Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1s6uRw-002Pjz-Vx
	for pgsql-general@arkaria.postgresql.org; Tue, 14 May 2024 15:52:22 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1s6uRw-00Ga3v-Nw
	for pgsql-general@arkaria.postgresql.org; Tue, 14 May 2024 15:52:20 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <imtiaz.m@bitnine.net>)
	id 1s6uRw-00Ga3l-Cy
	for pgsql-general@lists.postgresql.org; Tue, 14 May 2024 15:52:20 +0000
Received: from mail-lj1-x230.google.com ([2a00:1450:4864:20::230])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.94.2)
	(envelope-from <imtiaz.m@bitnine.net>)
	id 1s6uRt-000BHU-MK
	for pgsql-general@postgresql.org; Tue, 14 May 2024 15:52:18 +0000
Received: by mail-lj1-x230.google.com with SMTP id 38308e7fff4ca-2e564cad1f6so49464871fa.1
        for <pgsql-general@postgresql.org>; Tue, 14 May 2024 08:52:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=bitnine-net.20230601.gappssmtp.com; s=20230601; t=1715701936; x=1716306736; darn=postgresql.org;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=ZngGw2JxEmssGiuqjX0cVEAgFNiYRdiLyaNtjEEubXs=;
        b=pFUmdz4UauDCZOn+e4XFALt+9nPIGwsAP0vDzM6vAIv+lqGtRcQ/YzzDYCbZXkyzuE
         ahz/cRIR/aak1FwXffq78Xr9vonXJOXwA2DxcdyyJThvon1FRSNA8yWC/4hUbWdqkpt4
         De0kwy2WCeQpLG66GoN4Jv9RQIZonDb8dSrmB70qOKdIoe/5CdOOZ+Rks4OfMohl3h8A
         soZO4RRDTqmoBdJ7ESBF0IynA2NM38lPFllcTwg5fQASTvNfl9kGxOEVC2G8N2OuKQ5q
         d+ukRqs1sQZtIWwggMCH4q3KzewCwubotr2oNJc+38hFqwfZyDaW2x+B2MiCJEo4pdgE
         cEQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715701936; x=1716306736;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=ZngGw2JxEmssGiuqjX0cVEAgFNiYRdiLyaNtjEEubXs=;
        b=MLr1Kv5ZPknp5RyAfVqkxUxEFkVNyV0gtuKTwENOxb3CtAgJmSrTVD5GpDrQXwrjn9
         7wdvgbCgUAXaA+A9Lf88OWlDBN+wQzJKYmfewixYGllyLk4b3WGjluNtdGvnS9NfRuUm
         /w2K5IEmXpdYd9Z3F1HHILT6KKmISNCBYClTwT45BizyRJJ+Ifp+RX4hFlAmvMVIkCFx
         ZZAZez1UY/5xikgBHSU3FuXBsgVv/I+vlDv3568ZtyZcmkTWGHSoD8wrFeSmVRqehZpg
         zhUVE2moCW2W6k2JpcRhhEWSZRUxKqjpDehhVziLUROdMlRKmtOSAUVjJSW6GZV+htZF
         qP6Q==
X-Forwarded-Encrypted: i=1; AJvYcCVJc3Yjak60YIJ/VB64Jrv6kuBivLcjMgoXwTglnBKs6QOonFUSCUYE1iJER2U81SwObYLOhasdmUZO650er/7MIsdLa6DIp09GpbLp
X-Gm-Message-State: AOJu0YxR0/alYB/i5GioErJTR9AHVtioW+GAFl8bAywnF7fJZxcaLJ/v
	8Nu635212thgQJly4Wm1xJLNR+2sxIs1NdGLztDxA3ieLBUiruijy6hD2zT5f4xDfjcC53Spa3u
	zeMjE+eCwzc8TSagEa+dnl1CpxO0Ztb4+Svw8/g==
X-Google-Smtp-Source: AGHT+IGv1NyPlTteU+QodWrK+5W2d5jHHR7CD0EnBY6ICOS/2Zk8N4FH1xC0dPtO8WL+7A313Ea5RgoBD2yG39hucLM=
X-Received: by 2002:a05:651c:2227:b0:2d8:da4c:5909 with SMTP id
 38308e7fff4ca-2e5205e2994mr109827621fa.51.1715701935948; Tue, 14 May 2024
 08:52:15 -0700 (PDT)
MIME-Version: 1.0
References: <CAJWX+EOModYYe-LDVP_1zceryEd186u=pcaTE6Sb_9XMtjhWKA@mail.gmail.com>
 <7dff9a17-744d-437b-847c-18c161c8a901@aklaver.com> <1102603.1715701509@sss.pgh.pa.us>
In-Reply-To: <1102603.1715701509@sss.pgh.pa.us>
From: Muhammad Imtiaz <imtiaz.m@bitnine.net>
Date: Tue, 14 May 2024 20:52:03 +0500
Message-ID: <CANwR1ORoTGxdhY38Lne8VtFW7fCv6=0NGCd1t6aP6OYLJA_wFg@mail.gmail.com>
Subject: Re: Valid until
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Adrian Klaver <adrian.klaver@aklaver.com>, Rama Krishnan <raghuldrag@gmail.com>, 
	Postgres General <pgsql-general@postgresql.org>
Content-Type: multipart/alternative; boundary="0000000000006ee1f206186bfc7d"
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/CANwR1ORoTGxdhY38Lne8VtFW7fCv6%3D0NGCd1t6aP6OYLJA_wFg%40mail.gmail.com>
Precedence: bulk

--0000000000006ee1f206186bfc7d
Content-Type: text/plain; charset="UTF-8"

Hi,
What is the outcome of this query for the specified user? Does the database
contain a value in the rolvaliduntil column?
 SELECT rolname, rolvaliduntil FROM pg_authid;
Regards,
M.Imtiaz

On Tue, 14 May 2024 at 20:45, Tom Lane <tgl@sss.pgh.pa.us> wrote:

> Adrian Klaver <adrian.klaver@aklaver.com> writes:
> > On 5/14/24 00:57, Rama Krishnan wrote:
> >> I recently set a user's password validity to "2024-05-13", but despite
> >> this, the user is still able to connect to the database. Is this a bug,
> >> or is the "valid until" parameter just for identification purposes,
> >> indicating when the password will expire?
>
> >      The VALID UNTIL clause sets a date and time after which the role's
> > password is no longer valid. If this clause is omitted the password will
> > be valid for all time.
>
> The important point there is that the *password* is not usable after
> the specified date.  If the user logs in via some non-password-based
> authentication method, that's fine (and it's on the infrastructure
> of that auth method to enforce whatever restrictions it thinks are
> appropriate).
>
>                         regards, tom lane
>
>
>

--0000000000006ee1f206186bfc7d
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><font face=3D"arial, sans-serif">Hi,<br><span style=3D"col=
or:rgb(13,13,13)">What is the outcome of this query for the specified user?=
 Does the database contain a value in the </span><code style=3D"border:0px =
solid rgb(227,227,227);box-sizing:border-box;font-feature-settings:normal;c=
olor:rgb(13,13,13);font-weight:600">rolvaliduntil</code><span style=3D"colo=
r:rgb(13,13,13)"> column?</span>=C2=A0<br>=C2=A0SELECT rolname, rolvalidunt=
il FROM pg_authid;<br>Regards,<br>M.Imtiaz</font></div><br><div class=3D"gm=
ail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Tue, 14 May 2024 at 20:=
45, Tom Lane &lt;<a href=3D"mailto:tgl@sss.pgh.pa.us">tgl@sss.pgh.pa.us</a>=
&gt; wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px =
0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Adri=
an Klaver &lt;<a href=3D"mailto:adrian.klaver@aklaver.com" target=3D"_blank=
">adrian.klaver@aklaver.com</a>&gt; writes:<br>
&gt; On 5/14/24 00:57, Rama Krishnan wrote:<br>
&gt;&gt; I recently set a user&#39;s password validity to &quot;2024-05-13&=
quot;, but despite <br>
&gt;&gt; this, the user is still able to connect to the database. Is this a=
 bug, <br>
&gt;&gt; or is the &quot;valid until&quot; parameter just for identificatio=
n purposes, <br>
&gt;&gt; indicating when the password will expire?<br>
<br>
&gt;=C2=A0 =C2=A0 =C2=A0 The VALID UNTIL clause sets a date and time after =
which the role&#39;s <br>
&gt; password is no longer valid. If this clause is omitted the password wi=
ll <br>
&gt; be valid for all time.<br>
<br>
The important point there is that the *password* is not usable after<br>
the specified date.=C2=A0 If the user logs in via some non-password-based<b=
r>
authentication method, that&#39;s fine (and it&#39;s on the infrastructure<=
br>
of that auth method to enforce whatever restrictions it thinks are<br>
appropriate).<br>
<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 regards, tom lane<br>
<br>
<br>
</blockquote></div>

--0000000000006ee1f206186bfc7d--