Peter Koczan <pjkoczan(at)gmail(dot)com> writes:
> I should also point out that old clients still exhibit the old behavior.
Sure, because this is a libpq change.
> It was rather convenient to know that whatever Kerberos principal was
> used was going to be the database user.
Isn't that still true? (Modulo the auth.c bug fix of course.) The only
issue here is where the default guess for a not-explicitly-specified
username comes from, not whether you'll be allowed to connect or not.
regards, tom lane