Skip site navigation (1) Skip section navigation (2)

Re: SSPI authentication - patch

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Magnus Hagander <magnus(at)hagander(dot)net>
Cc: pgsql-patches <pgsql-patches(at)postgresql(dot)org>
Subject: Re: SSPI authentication - patch
Date: 2007-07-20 16:47:35
Message-ID: 10813.1184950055@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-patches
Magnus Hagander <magnus(at)hagander(dot)net> writes:
> Stephen Frost wrote:
>> That's true, but if we used upper-case with something NEW (SSPI) while
>> keeping it the same for the OLD (KRB5, and I'd vote GSSAPI) then we're
>> not breaking backwards compatibility while also catering to the masses.
>> I guess I don't see too many people using SSPI w/ an MIT KDC, and it
>> wasn't possible previously anyway.
>> 
>> What do you think?

> Hmm. It makes the default a lot less clear, and opens up for confusion.
> So I'm not so sure I like it :-)

A non-backward-compatible behavior change is going to cause a lot of
confusion too.

If I have things straight (and I'm not sure I do) then we are treating
sspi as a different type of auth method.  It would be sane, or at least
explainable, to have a different default name for the different auth
method.  I think a platform-dependent default would seriously suck,
and changing the default behavior for existing configurations would
break things.  So Stephen's suggestion seemed plausible to me.

			regards, tom lane

In response to

Responses

pgsql-patches by date

Next:From: Patrick WelcheDate: 2007-07-20 17:32:39
Subject: Re: configure.in / xml / quoting trouble
Previous:From: Magnus HaganderDate: 2007-07-20 16:18:13
Subject: Re: SSPI authentication - patch

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group