Re: Design Considerations for New Authentication Methods

Magnus Hagander <mha@sollentuna.net>

From: "Magnus Hagander" <mha@sollentuna.net>
To: "Joshua D. Drake" <jd@commandprompt.com>
Cc: "Tom Lane" <tgl@sss.pgh.pa.us>, <josh@agliodbs.com>, <pgsql-hackers@postgresql.org>, "Andrew Sullivan" <ajs@crankycanuck.ca>
Date: 2006-11-03T21:52:21Z
Lists: pgsql-hackers
> >> To be honest, I have often wondered *why* we support 
> kerberos outside 
> >> of the uber l33t geek factor. I have not once in a commercial 
> >> deployment had a business requirement for the beast. LDAP? 
> Now that 
> >> is a whole other issue :)
> > 
> > Single sign-on in a Windows/AD environment (I'm talking clients on 
> > windows, servers on linux here - at least in my case). I 
> know several 
> > people who use it, most just don't post here ;-)
> 
> Wouldn't the LDAP auth in 8.2 resolve that?

No. LDAP gives me single credentials, but not single sign-on. I still
have to enter my password every time I connect.

//Magnus