public inbox for [email protected]
help / color / mirror / Atom feedCan we lock or expire a ROLE / USER
4+ messages / 4 participants
[nested] [flat]
* Can we lock or expire a ROLE / USER
@ 2025-09-19 08:32 Subramanian,Ramachandran <[email protected]>
2025-09-19 13:57 ` Re: Can we lock or expire a ROLE / USER David G. Johnston <[email protected]>
2025-09-19 15:55 ` Re: Can we lock or expire a ROLE / USER Laurenz Albe <[email protected]>
2025-09-19 16:34 ` Re: Can we lock or expire a ROLE / USER TIM CHILD <[email protected]>
0 siblings, 3 replies; 4+ messages in thread
From: Subramanian,Ramachandran @ 2025-09-19 08:32 UTC (permalink / raw)
To: [email protected] <[email protected]>
Hello all,
Absolute novice in Postgresql, coming from the Mainframe world. Kindly forgive my ignorance.
Is it possible to LOCK or DEACTIVATE or EXPIRE a USER ( ROLE with LOGIN ) after
1. A set period of inactivity
2. 5 Wrong password attempts
I searched through the manals and did not find any mention of such a facility.
If it is not possible at the database level, can this be implemented in any other way?
Regards
Ram
Freundliche Grüße
i. A. Ramachandran Subramanian
Zentralbereich Informationstechnologie
Alte Leipziger Lebensversicherung a.G.
Hallesche Krankenversicherung a.G.
Alte Leipziger Lebensversicherung a.G., Alte Leipziger-Platz 1, 61440 Oberursel
Vors. des Aufsichtsrats: Dr. Walter Botermann · Vorstand: Christoph Bohn (Vors.), Dr. Jürgen Bierbaum (stv. Vors.), Frank Kettnaker, Dr. Jochen Kriegmeier, Alexander Mayer, Wiltrud Pekarek, Udo Wilcsek
Sitz Oberursel (Taunus) · Rechtsform VVaG · Amtsgericht Bad Homburg v. d. H. HRB 1583 · USt.-IdNr. DE 114106814
Hallesche Krankenversicherung a.G., Löffelstraße 34-38, 70597 Stuttgart
Vors. des Aufsichtsrats: Dr. Walter Botermann · Vorstand: Christoph Bohn (Vors.), Dr. Jürgen Bierbaum (stv. Vors.), Frank Kettnaker, Dr. Jochen Kriegmeier, Alexander Mayer, Wiltrud Pekarek, Udo Wilcsek
Sitz Stuttgart · Rechtsform VVaG · Amtsgericht Stuttgart HRB 2686 · USt.-IdNr. DE 147802285
Beiträge zu privaten Kranken- und Pflegekrankenversicherungen unterliegen nicht der Versicherungsteuer (§ 4 Nr. 5 VersStG) · Versicherungsleistungen sowie Umsätze aus Versicherungsvertreter-/Maklertätigkeiten sind umsatzsteuerfrei
Die Pflichtangaben der ALH Gruppe gemäß § 35a GmbHG bzw. § 80 AktG finden Sie hier: https://www.alte-leipziger.de/impressum
______________________
ALH Gruppe
Alte Leipziger-Platz 1, 61440 Oberursel
Tel.: +49 (6171) 66-4882
Fax: +49 (6171) 66-800-4882
E-Mail: [email protected]
www.alte-leipziger.de
www.hallesche.de
^ permalink raw reply [nested|flat] 4+ messages in thread
* Re: Can we lock or expire a ROLE / USER
2025-09-19 08:32 Can we lock or expire a ROLE / USER Subramanian,Ramachandran <[email protected]>
@ 2025-09-19 13:57 ` David G. Johnston <[email protected]>
2 siblings, 0 replies; 4+ messages in thread
From: David G. Johnston @ 2025-09-19 13:57 UTC (permalink / raw)
To: Subramanian,Ramachandran <[email protected]>; +Cc: [email protected] <[email protected]>
On Friday, September 19, 2025, Subramanian,Ramachandran <
[email protected]> wrote:
> Is it possible to LOCK or DEACTIVATE or EXPIRE a USER ( ROLE with LOGIN )
> after
>
> 1. A set period of inactivity
> 2. 5 Wrong password attempts
>
> I searched through the manals and did not find any mention of such a
> facility.
>
> And thus it does not exist, at least in core. Not sure what is available
in the world of extensions.
Otherwise you’d want to log login events and you could then script a tool
to alter role upon seeing relevant log activity.
David J.
^ permalink raw reply [nested|flat] 4+ messages in thread
* Re: Can we lock or expire a ROLE / USER
2025-09-19 08:32 Can we lock or expire a ROLE / USER Subramanian,Ramachandran <[email protected]>
@ 2025-09-19 15:55 ` Laurenz Albe <[email protected]>
2 siblings, 0 replies; 4+ messages in thread
From: Laurenz Albe @ 2025-09-19 15:55 UTC (permalink / raw)
To: Subramanian,Ramachandran <[email protected]>; [email protected] <[email protected]>
On Fri, 2025-09-19 at 08:32 +0000, Subramanian,Ramachandran wrote:
> Absolute novice in Postgresql, coming from the Mainframe world. Kindly forgive my ignorance.
>
> Is it possible to LOCK or DEACTIVATE or EXPIRE a USER ( ROLE with LOGIN ) after
>
> 1. A set period of inactivity
> 2. 5 Wrong password attempts
>
> I searched through the manals and did not find any mention of such a facility.
PostgreSQL doesn't offer support for these functionalities.
It also does not allow you to enforce password complexity rules.
> If it is not possible at the database level, can this be implemented in any other way?
The way to do that is to authenticat database users using a central identity
management system like Kerberos. See the documentation for a list of supported
authentication methods:
https://www.postgresql.org/docs/current/client-authentication.html
Yours,
Laurenz Albe
^ permalink raw reply [nested|flat] 4+ messages in thread
* Re: Can we lock or expire a ROLE / USER
2025-09-19 08:32 Can we lock or expire a ROLE / USER Subramanian,Ramachandran <[email protected]>
@ 2025-09-19 16:34 ` TIM CHILD <[email protected]>
2 siblings, 0 replies; 4+ messages in thread
From: TIM CHILD @ 2025-09-19 16:34 UTC (permalink / raw)
To: [email protected] <[email protected]>
Ram,
For PostgreSQL to implement features outlined below would be re-inventing the wheel as much of this feature functional already exist in Directory Service security systems like Active Directory/LDAP. Plus there are lots of good reasons that these types of security features be centrally located and administered rather than devolved into individual database instances and servers.
To get some of the functionality I would point you to to Open LDAP directory service https://en.wikipedia.org/wiki/OpenLDAP. PostgreSQL provides client integration with LDAP see https://www.postgresql.org/docs/current/auth-ldap.html
However I will point out the LDAP implementations, integration and administration can be quite complex.
-Tim
> On 09/19/2025 1:32 AM PDT Subramanian,Ramachandran <[email protected]> wrote:
>
>
>
> Hello all,
>
>
>
>
>
> Absolute novice in Postgresql, coming from the Mainframe world. Kindly forgive my ignorance.
>
>
>
> Is it possible to LOCK or DEACTIVATE or EXPIRE a USER ( ROLE with LOGIN ) after
>
>
>
> 1. A set period of inactivity
> 2. 5 Wrong password attempts
>
>
>
> I searched through the manals and did not find any mention of such a facility.
>
>
>
> If it is not possible at the database level, can this be implemented in any other way?
>
>
>
>
>
> Regards
>
>
>
> Ram
>
>
> Freundliche Grüße
>
> i. A. Ramachandran Subramanian
> Zentralbereich Informationstechnologie
>
> Alte Leipziger Lebensversicherung a. G.
> Hallesche Krankenversicherung a. G.
>
>
>
>
> ______________________
>
> ALH Gruppe
> Alte Leipziger-Platz 1, 61440 Oberursel
> Tel: +49 (6171) 66-4882
> Fax: +49 (6171) 66-800-4882
> E-Mail: [email protected]
> www.alte-leipziger.de https://www.alte-leipziger.de
> www.hallesche.de https://www.hallesche.de
>
> Alte Leipziger Lebensversicherung a. G., Alte Leipziger-Platz 1, 61440 Oberursel
> Vors. des Aufsichtsrats: Dr. Walter Botermann · Vorstand: Christoph Bohn (Vors.), Dr. Jürgen Bierbaum (stv. Vors.), Frank Kettnaker, Dr. Jochen Kriegmeier, Alexander Mayer, Wiltrud Pekarek, Udo Wilcsek
> Sitz Oberursel (Taunus) · Rechtsform VVaG · Amtsgericht Bad Homburg v. d. H. HRB 1583 · USt.-IdNr. DE 114106814
>
> Hallesche Krankenversicherung a. G., Löffelstraße 34-38, 70597 Stuttgart
> Vors. des Aufsichtsrats: Dr. Walter Botermann · Vorstand: Christoph Bohn (Vors.), Dr. Jürgen Bierbaum (stv. Vors.), Frank Kettnaker, Dr. Jochen Kriegmeier, Alexander Mayer, Wiltrud Pekarek, Udo Wilcsek
> Sitz Stuttgart · Rechtsform VVaG · Amtsgericht Stuttgart HRB 2686 · USt.-IdNr. DE 147802285
> Beiträge zu privaten Kranken- und Pflegekrankenversicherungen unterliegen nicht der Versicherungsteuer (§ 4 (1) Nr. 5 b VersStG) · Versicherungsleistungen sowie Umsätze aus Versicherungsvertreter-/Maklertätigkeiten sind umsatzsteuerfrei
>
> Pflichtangaben https://www.alte-leipziger.de/impressum der ALH Gruppe gemäß § 35a GmbHG bzw. § 80 AktG
>
^ permalink raw reply [nested|flat] 4+ messages in thread
end of thread, other threads:[~2025-09-19 16:34 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2025-09-19 08:32 Can we lock or expire a ROLE / USER Subramanian,Ramachandran <[email protected]>
2025-09-19 13:57 ` David G. Johnston <[email protected]>
2025-09-19 15:55 ` Laurenz Albe <[email protected]>
2025-09-19 16:34 ` TIM CHILD <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox