diff --git a/contrib/postgres_fdw/connection.c b/contrib/postgres_fdw/connection.c
new file mode 100644
index be4ec07..256d484
*** a/contrib/postgres_fdw/connection.c
--- b/contrib/postgres_fdw/connection.c
*************** static bool xact_got_connection = false;
*** 75,81 ****
  /* prototypes of private functions */
  static PGconn *connect_pg_server(ForeignServer *server, UserMapping *user);
  static void disconnect_pg_server(ConnCacheEntry *entry);
! static void check_conn_params(const char **keywords, const char **values);
  static void configure_remote_session(PGconn *conn);
  static void do_sql_command(PGconn *conn, const char *sql);
  static void begin_remote_xact(ConnCacheEntry *entry);
--- 75,81 ----
  /* prototypes of private functions */
  static PGconn *connect_pg_server(ForeignServer *server, UserMapping *user);
  static void disconnect_pg_server(ConnCacheEntry *entry);
! static void check_conn_params(const char **keywords, const char **values, UserMapping *user);
  static void configure_remote_session(PGconn *conn);
  static void do_sql_command(PGconn *conn, const char *sql);
  static void begin_remote_xact(ConnCacheEntry *entry);
*************** connect_pg_server(ForeignServer *server,
*** 261,267 ****
  		keywords[n] = values[n] = NULL;
  
  		/* verify connection parameters and make connection */
! 		check_conn_params(keywords, values);
  
  		conn = PQconnectdbParams(keywords, values, false);
  		if (!conn || PQstatus(conn) != CONNECTION_OK)
--- 261,267 ----
  		keywords[n] = values[n] = NULL;
  
  		/* verify connection parameters and make connection */
! 		check_conn_params(keywords, values, user);
  
  		conn = PQconnectdbParams(keywords, values, false);
  		if (!conn || PQstatus(conn) != CONNECTION_OK)
*************** connect_pg_server(ForeignServer *server,
*** 276,282 ****
  		 * otherwise, he's piggybacking on the postgres server's user
  		 * identity. See also dblink_security_check() in contrib/dblink.
  		 */
! 		if (!superuser() && !PQconnectionUsedPassword(conn))
  			ereport(ERROR,
  					(errcode(ERRCODE_S_R_E_PROHIBITED_SQL_STATEMENT_ATTEMPTED),
  					 errmsg("password is required"),
--- 276,282 ----
  		 * otherwise, he's piggybacking on the postgres server's user
  		 * identity. See also dblink_security_check() in contrib/dblink.
  		 */
! 		if (!superuser() && !superuser_arg(user->userid) && !PQconnectionUsedPassword(conn))
  			ereport(ERROR,
  					(errcode(ERRCODE_S_R_E_PROHIBITED_SQL_STATEMENT_ATTEMPTED),
  					 errmsg("password is required"),
*************** disconnect_pg_server(ConnCacheEntry *ent
*** 322,333 ****
   * contrib/dblink.)
   */
  static void
! check_conn_params(const char **keywords, const char **values)
  {
  	int			i;
  
  	/* no check required if superuser */
! 	if (superuser())
  		return;
  
  	/* ok if params contain a non-empty password */
--- 322,333 ----
   * contrib/dblink.)
   */
  static void
! check_conn_params(const char **keywords, const char **values, UserMapping *user)
  {
  	int			i;
  
  	/* no check required if superuser */
! 	if (superuser() || superuser_arg(user->userid))
  		return;
  
  	/* ok if params contain a non-empty password */