* Marko Kreen (mark...@gmail.com) wrote: > As it works only on connect > time, it can actually be secure, unlike user switching > with SET ROLE.
I'm guessing your issue with SET ROLE is that a RESET ROLE can be issued later..? If so, I'd suggest that we look at fixing that, but realize it could break poolers. For that matter, I'm not sure how the proposal to allow connections to be authenticated as one user but authorized as another (which we actually already support in some cases, eg: peer) *wouldn't* break poolers, unless you're suggesting they either use a separate connection for every user, or reconnect every time, both of which strike me as defeating a great deal of the point of having a pooler in the first place... Thanks, Stephen
signature.asc
Description: Digital signature