summaryrefslogtreecommitdiffstats
path: root/doc/src/sgml/html/sasl-authentication.html
diff options
context:
space:
mode:
Diffstat (limited to 'doc/src/sgml/html/sasl-authentication.html')
-rw-r--r--doc/src/sgml/html/sasl-authentication.html104
1 files changed, 104 insertions, 0 deletions
diff --git a/doc/src/sgml/html/sasl-authentication.html b/doc/src/sgml/html/sasl-authentication.html
new file mode 100644
index 0000000..5790ed6
--- /dev/null
+++ b/doc/src/sgml/html/sasl-authentication.html
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>55.3. SASL Authentication</title><link rel="stylesheet" type="text/css" href="stylesheet.css" /><link rev="made" href="pgsql-docs@lists.postgresql.org" /><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot" /><link rel="prev" href="protocol-flow.html" title="55.2. Message Flow" /><link rel="next" href="protocol-replication.html" title="55.4. Streaming Replication Protocol" /></head><body id="docContent" class="container-fluid col-10"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="5" align="center">55.3. SASL Authentication</th></tr><tr><td width="10%" align="left"><a accesskey="p" href="protocol-flow.html" title="55.2. Message Flow">Prev</a> </td><td width="10%" align="left"><a accesskey="u" href="protocol.html" title="Chapter 55. Frontend/Backend Protocol">Up</a></td><th width="60%" align="center">Chapter 55. Frontend/Backend Protocol</th><td width="10%" align="right"><a accesskey="h" href="index.html" title="PostgreSQL 15.4 Documentation">Home</a></td><td width="10%" align="right"> <a accesskey="n" href="protocol-replication.html" title="55.4. Streaming Replication Protocol">Next</a></td></tr></table><hr /></div><div class="sect1" id="SASL-AUTHENTICATION"><div class="titlepage"><div><div><h2 class="title" style="clear: both">55.3. SASL Authentication</h2></div></div></div><div class="toc"><dl class="toc"><dt><span class="sect2"><a href="sasl-authentication.html#SASL-SCRAM-SHA-256">55.3.1. SCRAM-SHA-256 Authentication</a></span></dt></dl></div><p>
+ <em class="firstterm">SASL</em> is a framework for authentication in connection-oriented
+ protocols. At the moment, <span class="productname">PostgreSQL</span> implements two SASL
+ authentication mechanisms, SCRAM-SHA-256 and SCRAM-SHA-256-PLUS. More
+ might be added in the future. The below steps illustrate how SASL
+ authentication is performed in general, while the next subsection gives
+ more details on SCRAM-SHA-256 and SCRAM-SHA-256-PLUS.
+ </p><div class="procedure" id="id-1.10.6.8.3"><p class="title"><strong>SASL Authentication Message Flow</strong></p><ol class="procedure" type="1"><li class="step" id="SASL-AUTH-BEGIN"><p>
+ To begin a SASL authentication exchange, the server sends an
+ AuthenticationSASL message. It includes a list of SASL authentication
+ mechanisms that the server can accept, in the server's preferred order.
+ </p></li><li class="step" id="SASL-AUTH-INITIAL-RESPONSE"><p>
+ The client selects one of the supported mechanisms from the list, and sends
+ a SASLInitialResponse message to the server. The message includes the name
+ of the selected mechanism, and an optional Initial Client Response, if the
+ selected mechanism uses that.
+ </p></li><li class="step" id="SASL-AUTH-CONTINUE"><p>
+ One or more server-challenge and client-response message will follow. Each
+ server-challenge is sent in an AuthenticationSASLContinue message, followed
+ by a response from client in a SASLResponse message. The particulars of
+ the messages are mechanism specific.
+ </p></li><li class="step" id="SASL-AUTH-END"><p>
+ Finally, when the authentication exchange is completed successfully, the
+ server sends an AuthenticationSASLFinal message, followed
+ immediately by an AuthenticationOk message. The AuthenticationSASLFinal
+ contains additional server-to-client data, whose content is particular to the
+ selected authentication mechanism. If the authentication mechanism doesn't
+ use additional data that's sent at completion, the AuthenticationSASLFinal
+ message is not sent.
+ </p></li></ol></div><p>
+ On error, the server can abort the authentication at any stage, and send an
+ ErrorMessage.
+ </p><div class="sect2" id="SASL-SCRAM-SHA-256"><div class="titlepage"><div><div><h3 class="title">55.3.1. SCRAM-SHA-256 Authentication</h3></div></div></div><p>
+ The implemented SASL mechanisms at the moment
+ are <code class="literal">SCRAM-SHA-256</code> and its variant with channel
+ binding <code class="literal">SCRAM-SHA-256-PLUS</code>. They are described in
+ detail in <a class="ulink" href="https://tools.ietf.org/html/rfc7677" target="_top">RFC 7677</a>
+ and <a class="ulink" href="https://tools.ietf.org/html/rfc5802" target="_top">RFC 5802</a>.
+ </p><p>
+ When SCRAM-SHA-256 is used in PostgreSQL, the server will ignore the user name
+ that the client sends in the <code class="structname">client-first-message</code>. The user name
+ that was already sent in the startup message is used instead.
+ <span class="productname">PostgreSQL</span> supports multiple character encodings, while SCRAM
+ dictates UTF-8 to be used for the user name, so it might be impossible to
+ represent the PostgreSQL user name in UTF-8.
+ </p><p>
+ The SCRAM specification dictates that the password is also in UTF-8, and is
+ processed with the <em class="firstterm">SASLprep</em> algorithm.
+ <span class="productname">PostgreSQL</span>, however, does not require UTF-8 to be used for
+ the password. When a user's password is set, it is processed with SASLprep
+ as if it was in UTF-8, regardless of the actual encoding used. However, if
+ it is not a legal UTF-8 byte sequence, or it contains UTF-8 byte sequences
+ that are prohibited by the SASLprep algorithm, the raw password will be used
+ without SASLprep processing, instead of throwing an error. This allows the
+ password to be normalized when it is in UTF-8, but still allows a non-UTF-8
+ password to be used, and doesn't require the system to know which encoding
+ the password is in.
+ </p><p>
+ <em class="firstterm">Channel binding</em> is supported in PostgreSQL builds with
+ SSL support. The SASL mechanism name for SCRAM with channel binding is
+ <code class="literal">SCRAM-SHA-256-PLUS</code>. The channel binding type used by
+ PostgreSQL is <code class="literal">tls-server-end-point</code>.
+ </p><p>
+ In <acronym class="acronym">SCRAM</acronym> without channel binding, the server chooses
+ a random number that is transmitted to the client to be mixed with the
+ user-supplied password in the transmitted password hash. While this
+ prevents the password hash from being successfully retransmitted in
+ a later session, it does not prevent a fake server between the real
+ server and client from passing through the server's random value
+ and successfully authenticating.
+ </p><p>
+ <acronym class="acronym">SCRAM</acronym> with channel binding prevents such
+ man-in-the-middle attacks by mixing the signature of the server's
+ certificate into the transmitted password hash. While a fake server can
+ retransmit the real server's certificate, it doesn't have access to the
+ private key matching that certificate, and therefore cannot prove it is
+ the owner, causing SSL connection failure.
+ </p><div class="procedure" id="id-1.10.6.8.5.8"><p class="title"><strong>Example</strong></p><ol class="procedure" type="1"><li class="step" id="SCRAM-BEGIN"><p>
+ The server sends an AuthenticationSASL message. It includes a list of
+ SASL authentication mechanisms that the server can accept.
+ This will be <code class="literal">SCRAM-SHA-256-PLUS</code>
+ and <code class="literal">SCRAM-SHA-256</code> if the server is built with SSL
+ support, or else just the latter.
+ </p></li><li class="step" id="SCRAM-CLIENT-FIRST"><p>
+ The client responds by sending a SASLInitialResponse message, which
+ indicates the chosen mechanism, <code class="literal">SCRAM-SHA-256</code> or
+ <code class="literal">SCRAM-SHA-256-PLUS</code>. (A client is free to choose either
+ mechanism, but for better security it should choose the channel-binding
+ variant if it can support it.) In the Initial Client response field, the
+ message contains the SCRAM <code class="structname">client-first-message</code>.
+ The <code class="structname">client-first-message</code> also contains the channel
+ binding type chosen by the client.
+ </p></li><li class="step" id="SCRAM-SERVER-FIRST"><p>
+ Server sends an AuthenticationSASLContinue message, with a SCRAM
+ <code class="structname">server-first-message</code> as the content.
+ </p></li><li class="step" id="SCRAM-CLIENT-FINAL"><p>
+ Client sends a SASLResponse message, with SCRAM
+ <code class="structname">client-final-message</code> as the content.
+ </p></li><li class="step" id="SCRAM-SERVER-FINAL"><p>
+ Server sends an AuthenticationSASLFinal message, with the SCRAM
+ <code class="structname">server-final-message</code>, followed immediately by
+ an AuthenticationOk message.
+ </p></li></ol></div></div></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="protocol-flow.html" title="55.2. Message Flow">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="protocol.html" title="Chapter 55. Frontend/Backend Protocol">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="protocol-replication.html" title="55.4. Streaming Replication Protocol">Next</a></td></tr><tr><td width="40%" align="left" valign="top">55.2. Message Flow </td><td width="20%" align="center"><a accesskey="h" href="index.html" title="PostgreSQL 15.4 Documentation">Home</a></td><td width="40%" align="right" valign="top"> 55.4. Streaming Replication Protocol</td></tr></table></div></body></html> \ No newline at end of file