Re: SSPI authentication

On Wed, Jul 18, 2007 at 09:44:02AM +0100, Dave Page wrote:
> Magnus Hagander wrote:
> > Dave Page wrote:
> >> Magnus Hagander wrote:
> >>> So what we'd need in that case is a new libpq connectionstring
> >>> parameter. Which can be done, but it'd require that all frontends that
> >>> use libpq add support for it - such as pgadmin. I'm not sure if the ODBC
> >>> driver will support arbitrary arguments, otherwise that one needs it too.
> >>>
> >>> As I'm sure you can tell, I'm far from convinced this is a good idea ;-)
> >>> Anybody else want to comment on this?
> >> The ODBC driver would need modification (as would pgAdmin of course).
> >> Whats more of a concern is that we already have ODBC connection strings
> >> that can be too long - adding yet another option will make that worse of
> >> course.
> >
> > Interesting, didn't know that. That makes that option even less interesting.
> >
> > Can you comment on if the current ODBC driver will pick up GSSAPI
> > authentication from libpq or if it needs new code to deal with it? I
> > never quite figured out how they integrate with libpq for the
> > authentication part since it moved away from using libpq for everything
> > again.
>
> It should 'just work' I guess - it does for the existing Kerberos
> support. I never really studied GSSAPI though so I may be missing some
> fundamental point.

Ok, I got around to do some testing and it works perfectly fine. At least
on Windows - don't have ODBC set up anywhere else. But on windows + the
SSPI patch I just posted I get integrated login without any problems from a
vbscript using ODBC. Driver version 8.1 even :-)

//Magnus