CN <cnliou9@xxxxxxxxxxx> writes:
> If command "SET SESSION AUTHORIZATION" is enhanced to accept two
> additional arguments
> PASSWORD <password>
> , then a client simply establishes only one connection to server and do
> jobs for a million roles.
* Any session-level settings specified for the new role with ALTER
USER SET don't get adopted.
While you could imagine that specific applications might be okay with
these things, they're pretty fatal for a general-purpose connection
pooler; the first two in particular would be unacceptable security
holes.
Is there a reason something "SET ROLE ... WITH SETTINGS" couldn't be implemented?
David J.
