public inbox for [email protected]
help / color / mirror / Atom feedFrom: TIM CHILD <[email protected]>
To: [email protected] <[email protected]>
Subject: Re: Can we lock or expire a ROLE / USER
Date: Fri, 19 Sep 2025 09:34:13 -0700 (PDT)
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
Ram,
For PostgreSQL to implement features outlined below would be re-inventing the wheel as much of this feature functional already exist in Directory Service security systems like Active Directory/LDAP. Plus there are lots of good reasons that these types of security features be centrally located and administered rather than devolved into individual database instances and servers.
To get some of the functionality I would point you to to Open LDAP directory service https://en.wikipedia.org/wiki/OpenLDAP. PostgreSQL provides client integration with LDAP see https://www.postgresql.org/docs/current/auth-ldap.html
However I will point out the LDAP implementations, integration and administration can be quite complex.
-Tim
> On 09/19/2025 1:32 AM PDT Subramanian,Ramachandran <[email protected]> wrote:
>
>
>
> Hello all,
>
>
>
>
>
> Absolute novice in Postgresql, coming from the Mainframe world. Kindly forgive my ignorance.
>
>
>
> Is it possible to LOCK or DEACTIVATE or EXPIRE a USER ( ROLE with LOGIN ) after
>
>
>
> 1. A set period of inactivity
> 2. 5 Wrong password attempts
>
>
>
> I searched through the manals and did not find any mention of such a facility.
>
>
>
> If it is not possible at the database level, can this be implemented in any other way?
>
>
>
>
>
> Regards
>
>
>
> Ram
>
>
> Freundliche Grüße
>
> i. A. Ramachandran Subramanian
> Zentralbereich Informationstechnologie
>
> Alte Leipziger Lebensversicherung a. G.
> Hallesche Krankenversicherung a. G.
>
>
>
>
> ______________________
>
> ALH Gruppe
> Alte Leipziger-Platz 1, 61440 Oberursel
> Tel: +49 (6171) 66-4882
> Fax: +49 (6171) 66-800-4882
> E-Mail: [email protected]
> www.alte-leipziger.de https://www.alte-leipziger.de
> www.hallesche.de https://www.hallesche.de
>
> Alte Leipziger Lebensversicherung a. G., Alte Leipziger-Platz 1, 61440 Oberursel
> Vors. des Aufsichtsrats: Dr. Walter Botermann · Vorstand: Christoph Bohn (Vors.), Dr. Jürgen Bierbaum (stv. Vors.), Frank Kettnaker, Dr. Jochen Kriegmeier, Alexander Mayer, Wiltrud Pekarek, Udo Wilcsek
> Sitz Oberursel (Taunus) · Rechtsform VVaG · Amtsgericht Bad Homburg v. d. H. HRB 1583 · USt.-IdNr. DE 114106814
>
> Hallesche Krankenversicherung a. G., Löffelstraße 34-38, 70597 Stuttgart
> Vors. des Aufsichtsrats: Dr. Walter Botermann · Vorstand: Christoph Bohn (Vors.), Dr. Jürgen Bierbaum (stv. Vors.), Frank Kettnaker, Dr. Jochen Kriegmeier, Alexander Mayer, Wiltrud Pekarek, Udo Wilcsek
> Sitz Stuttgart · Rechtsform VVaG · Amtsgericht Stuttgart HRB 2686 · USt.-IdNr. DE 147802285
> Beiträge zu privaten Kranken- und Pflegekrankenversicherungen unterliegen nicht der Versicherungsteuer (§ 4 (1) Nr. 5 b VersStG) · Versicherungsleistungen sowie Umsätze aus Versicherungsvertreter-/Maklertätigkeiten sind umsatzsteuerfrei
>
> Pflichtangaben https://www.alte-leipziger.de/impressum der ALH Gruppe gemäß § 35a GmbHG bzw. § 80 AktG
>
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: Can we lock or expire a ROLE / USER
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox