Magnus Hagander wrote:
> This patch changes the options field of pg_hba.conf to take name/value
> pairs instead of a fixed string. This makes it a lot nicer to deal with
> auth methods that need more than one parameter, such as LDAP.
> While at it, it also adds map support to kerberos, gssapi and sspi and
> not just ident - basically all methods where the username comes from an
> outside source (lmk if I missed one).
> Also in passing, changes the methods in auth.c to deal with "unsupported
> auth method on this platform" errors the same way for all authentication
> I intend to build on this patch to support setting some
> Kerberos/GSSAPI/SSPI parameters on a per-connection base, but wanted to
> get the basics in first.
> Obviously, documentation still pending. I'm working on that in parallel.
> So, comments? Both in general, and specifically on if we need to do
> backwards compatible parsing of LDAP options (doing it of all the other
> options would be trivial, but LDAP would be harder)
Updated version of this patch, now with doc changes.
In response to
pgsql-hackers by date
|Next:||From: Pavel Stehule||Date: 2008-10-11 17:55:44|
|Subject: Re: patch: array_ndims|
|Previous:||From: dpage||Date: 2008-10-11 16:43:58|
|Subject: Re: About postgresql8.3.3 build in MS VS2005|