public inbox for [email protected]
help / color / mirror / Atom feedFrom: Laurenz Albe <[email protected]>
To: Subramanian,Ramachandran <[email protected]>
To: [email protected] <[email protected]>
Subject: Re: Can we lock or expire a ROLE / USER
Date: Fri, 19 Sep 2025 17:55:16 +0200
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
On Fri, 2025-09-19 at 08:32 +0000, Subramanian,Ramachandran wrote:
> Absolute novice in Postgresql, coming from the Mainframe world. Kindly forgive my ignorance.
>
> Is it possible to LOCK or DEACTIVATE or EXPIRE a USER ( ROLE with LOGIN ) after
>
> 1. A set period of inactivity
> 2. 5 Wrong password attempts
>
> I searched through the manals and did not find any mention of such a facility.
PostgreSQL doesn't offer support for these functionalities.
It also does not allow you to enforce password complexity rules.
> If it is not possible at the database level, can this be implemented in any other way?
The way to do that is to authenticat database users using a central identity
management system like Kerberos. See the documentation for a list of supported
authentication methods:
https://www.postgresql.org/docs/current/client-authentication.html
Yours,
Laurenz Albe
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected]
Subject: Re: Can we lock or expire a ROLE / USER
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox