From: Dave Page on 1 Oct 2009 08:57 On Thu, Oct 1, 2009 at 1:53 PM, Albe Laurenz <laurenz.albe(a)wien.gv.at> wrote: > In the discussion following > http://archives.postgresql.org/pgsql-hackers/2009-09/msg01766.php > the consensus was that a hook that allows you to implement > a password checking routine as a module "would not hurt". > > So here's the patch. > I don't think there is documentation required; > correct me if I am wrong. How will people know how to use it, or that it's even there without at least a note in the docs somewhere? -- Dave Page EnterpriseDB UK: http://www.enterprisedb.com -- Sent via pgsql-hackers mailing list (pgsql-hackers(a)postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
From: Andrew Dunstan on 1 Oct 2009 09:04 Dave Page wrote: > On Thu, Oct 1, 2009 at 1:53 PM, Albe Laurenz <laurenz.albe(a)wien.gv.at> wrote: > >> In the discussion following >> http://archives.postgresql.org/pgsql-hackers/2009-09/msg01766.php >> the consensus was that a hook that allows you to implement >> a password checking routine as a module "would not hurt". >> >> So here's the patch. >> I don't think there is documentation required; >> correct me if I am wrong. >> > > How will people know how to use it, or that it's even there without at > least a note in the docs somewhere? > > I'd prefer to have an example as a contrib module, as well as docs. Quite apart from anything else, how the heck would we test it without such a thing? cheers andrew -- Sent via pgsql-hackers mailing list (pgsql-hackers(a)postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
From: "Albe Laurenz" on 1 Oct 2009 09:26 Andrew Dunstan wrote: >>> So here's the patch. >>> I don't think there is documentation required; >>> correct me if I am wrong. >> >> How will people know how to use it, or that it's even there without at >> least a note in the docs somewhere? > > I'd prefer to have an example as a contrib module, as well as docs. > Quite apart from anything else, how the heck would we test it without > such a thing? I was not sure because no other hooks were documented anywhere else than in the code. I could add a paragraph in the "auth-password" section of client-auth.sgml. Or is there a better place? I could easily write a simple contrib that adds a check for username = password if there is interest. Yours, Laurenz Albe -- Sent via pgsql-hackers mailing list (pgsql-hackers(a)postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
From: Magnus Hagander on 1 Oct 2009 09:54 On Thu, Oct 1, 2009 at 15:26, Albe Laurenz <laurenz.albe(a)wien.gv.at> wrote: > Andrew Dunstan wrote: >>>> So here's the patch. >>>> I don't think there is documentation required; >>>> correct me if I am wrong. >>> >>> How will people know how to use it, or that it's even there without at >>> least a note in the docs somewhere? >> >> I'd prefer to have an example as a contrib module, as well as docs. >> Quite apart from anything else, how the heck would we test it without >> such a thing? > > I was not sure because no other hooks were documented anywhere else > than in the code. > > I could add a paragraph in the "auth-password" section of > client-auth.sgml. Or is there a better place? > > I could easily write a simple contrib that adds a check for > username = password if there is interest. I think it's better to have an actually *useful* contrib module for it, if there is one. Meaning perhaps something that links to that cracklib thing mentioned upthread. -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/ -- Sent via pgsql-hackers mailing list (pgsql-hackers(a)postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
From: Kenneth Marshall on 1 Oct 2009 10:04
On Thu, Oct 01, 2009 at 03:54:37PM +0200, Magnus Hagander wrote: > On Thu, Oct 1, 2009 at 15:26, Albe Laurenz <laurenz.albe(a)wien.gv.at> wrote: > > Andrew Dunstan wrote: > >>>> So here's the patch. > >>>> I don't think there is documentation required; > >>>> correct me if I am wrong. > >>> > >>> How will people know how to use it, or that it's even there without at > >>> least a note in the docs somewhere? > >> > >> I'd prefer to have an example as a contrib module, as well as docs. > >> Quite apart from anything else, how the heck would we test it without > >> such a thing? > > > > I was not sure because no other hooks were documented anywhere else > > than in the code. > > > > I could add a paragraph in the "auth-password" section of > > client-auth.sgml. Or is there a better place? > > > > I could easily write a simple contrib that adds a check for > > username = password if there is interest. > > I think it's better to have an actually *useful* contrib module for > it, if there is one. Meaning perhaps something that links to that > cracklib thing mentioned upthread. > +1 for a sample module that will allow cracklib to drop in. Cheers, Ken -- Sent via pgsql-hackers mailing list (pgsql-hackers(a)postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers |