Re: BUG #4824: KRB5/GSSAPI authentication fails when user != principal

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Peter Koczan <pjkoczan(at)gmail(dot)com>
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #4824: KRB5/GSSAPI authentication fails when user != principal
Date: 2009-05-28 18:30:50
Message-ID: 14452.1243535450@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

Peter Koczan <pjkoczan(at)gmail(dot)com> writes:
> I should also point out that old clients still exhibit the old behavior.

Sure, because this is a libpq change.

> It was rather convenient to know that whatever Kerberos principal was
> used was going to be the database user.

Isn't that still true? (Modulo the auth.c bug fix of course.) The only
issue here is where the default guess for a not-explicitly-specified
username comes from, not whether you'll be allowed to connect or not.

regards, tom lane

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message Silvano de Souza 2009-05-28 19:00:36 BUG #4827: install
Previous Message Peter Koczan 2009-05-28 18:19:37 Re: BUG #4824: KRB5/GSSAPI authentication fails when user != principal