> * Eventual Retirement of old credentials without having to issue ALTER > statements (or really statements of any kind...) against application > schema objects.
OK, that's a different goal. You want to be able to expire passwords with an overlap period. That's quite different from wanting an indefinfite number of passwords per role. Mind you, the main way to do this right now ... and where you're going to get pushback ... is using LDAP, ActiveDirectory or similar. At a certain point we have to draw the line and say "PostgreSQL is not an authtenication server". I don't know exactly where that line is, but recognize that you're arguing about where to draw it. -- -- Josh Berkus PostgreSQL Experts Inc. http://www.pgexperts.com -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers