public inbox for [email protected]  
help / color / mirror / Atom feed
From: Bossart, Nathan <[email protected]>
To: Gilles Darold <[email protected]>
To: Tom Lane <[email protected]>
Cc: PostgreSQL Hackers <[email protected]>
Subject: Re: Pasword expiration warning
Date: Sat, 20 Nov 2021 00:17:53 +0000
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
	<[email protected]>
	<[email protected]>

On 11/19/21, 7:56 AM, "Tom Lane" <[email protected]> wrote:
> That leads me to wonder about server-side solutions.  It's easy
> enough for the server to see that it's used a password with an
> expiration N days away, but how could that be reported to the
> client?  The only idea that comes to mind that doesn't seem like
> a protocol break is to issue a NOTICE message, which doesn't
> seem like it squares with your desire to only do this interactively.
> (Although I'm not sure I believe that's a great idea.  If your
> application breaks at 2AM because its password expired, you
> won't be any happier than if your interactive sessions start to
> fail.  Maybe a message that would leave a trail in the server log
> would be best after all.)

I bet it's possible to use the ClientAuthentication_hook for this.  In
any case, I agree that it probably belongs server-side so that other
clients can benefit from this.

Nathan



view thread (8+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected]
  Subject: Re: Pasword expiration warning
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox