Re: Design Considerations for New Authentication Methods
Joshua D. Drake <jd@commandprompt.com>
From: "Joshua D. Drake" <jd@commandprompt.com>
To: Magnus Hagander <mha@sollentuna.net>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, josh@agliodbs.com, pgsql-hackers@postgresql.org, Andrew Sullivan <ajs@crankycanuck.ca>
Date: 2006-11-03T16:27:36Z
Lists: pgsql-hackers
>> To be honest, I have often wondered *why* we support kerberos
>> outside of the uber l33t geek factor. I have not once in a
>> commercial deployment had a business requirement for the
>> beast. LDAP? Now that is a whole other issue :)
>
> Single sign-on in a Windows/AD environment (I'm talking clients on
> windows, servers on linux here - at least in my case). I know several
> people who use it, most just don't post here ;-)
Wouldn't the LDAP auth in 8.2 resolve that?
>
> Now, it would likely be a lot *easier* to do this with GSSAPI than the
> pure kerberos stuff we have now, given that the Windows native APIs
> support GSSAPI compatible stuff, but not the stuff we have now.
Nod.
Sincerely,
Joshua D. Drake
>
> //Magnus
>
--
=== The PostgreSQL Company: Command Prompt, Inc. ===
Sales/Support: +1.503.667.4564 || 24x7/Emergency: +1.800.492.2240
Providing the most comprehensive PostgreSQL solutions since 1997
http://www.commandprompt.com/
Donate to the PostgreSQL Project: http://www.postgresql.org/about/donate