| From: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
|---|---|
| To: | <mark(at)mark(dot)mielke(dot)cc>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
| Cc: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, <josh(at)agliodbs(dot)com>, <pgsql-hackers(at)postgresql(dot)org>, "Andrew Sullivan" <ajs(at)crankycanuck(dot)ca> |
| Subject: | Re: Design Considerations for New Authentication Methods |
| Date: | 2006-11-03 07:16:23 |
| Message-ID: | 6BCB9D8A16AC4241919521715F4D8BCEA0FCF0@algol.sollentuna.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> > To be honest, I have often wondered *why* we support
> kerberos outside
> > of the uber l33t geek factor. I have not once in a commercial
> > deployment had a business requirement for the beast. LDAP?
> Now that is
> > a whole other issue :)
>
> Isn't NFSv4 a big application that uses Kerberos? I seem to
> recall that AFS may have been a large user as well.
AFS definitly used it.
But if you're looking for a "big application" that uses Kerberos,
there's that pesky thing called Windows. Every single Windows machine in
an active directory domain environment is a Kerberos client, and uses
Kerberos for authentication to all network services.
So Kerberos is definitly big. And more and more apps do support GSSAPI
for authentication. Not that many apps support "raw kerberos" as pgsql
does, probably because it does have some compatibility issues and such
things.
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | mark | 2006-11-03 07:56:06 | Re: Design Considerations for New Authentication Methods |
| Previous Message | Magnus Hagander | 2006-11-03 07:13:55 | Re: Design Considerations for New Authentication Methods |