From: Andrew Jackson <[email protected]>
Sent: Monday, January 12, 2026 10:50
To: pgsql-hackers <[email protected]>
Subject: Add ldapservice connection parameter
Currently there exists, only in pg_service.conf, the ability to look
up connection parameters from a centralized LDAP server. This patch
expands the usability of this by allowing it to be specified directly in
a connection string instead of only in a pg_service.conf file.
Hi, Andrew,
I have one question, if LDAP has higher priority, we should put the its code to
be before "service" logic, like:
+ if (ldapservice != NULL && strncmp(ldapservice, "ldap", 4) == 0) {
+ if (!ldapServiceLookup(ldapservice, options, errorMessage))
+ return 0; // return if LDAP processing succeeds.
/*
* We have to special-case the environment variable PGSERVICE here,
since
* this is and should be called before inserting environment defaults
for
* other connection options.
*/
if (service == NULL)
service = getenv("PGSERVICE");
/* If no service name given, nothing to do */
if (service == NULL)
return 0;
This will be consistent with how PG processes the pg_service.conf file.
See https://www.postgresql.org/docs/18/libpq-ldap.html
"Processing of pg_service.conf is terminated after a successful LDAP lookup,
but is continued if the LDAP server cannot be contacted."
Thanks,
Steven
