Re: Design Considerations for New Authentication Methods

Martijn van Oosterhout <kleptog@svana.org>

From: Martijn van Oosterhout <kleptog@svana.org>
To: Magnus Hagander <mha@sollentuna.net>
Cc: Stephen Frost <sfrost@snowman.net>, "Henry B. Hotz" <hotz@jpl.nasa.gov>, pgsql-hackers@postgresql.org
Date: 2006-11-02T21:57:47Z
Lists: pgsql-hackers
On Thu, Nov 02, 2006 at 08:58:37PM +0100, Magnus Hagander wrote:
> > I don't think you can tie the SSL certificate to a specific 
> > user though...  I certainly can't recall any way to do that 
> > today in PG.
> 
> You can't. It's been talked about, but never done.

Oops, sorry. You can verify the user has a valid certificate, but you
can't use it for authentication. AFAIK it just needs to be coded
(certainly the code to get the relevent fields from the certificate is
there).

Have a nice day,
-- 
Martijn van Oosterhout   <kleptog@svana.org>   http://svana.org/kleptog/
> From each according to his ability. To each according to his ability to litigate.