Ok, sorry, forgot to attach the patch. Here it is.
David
>---------------------------------------------------------
>Od: Kronus David
>Přijato: 5.3.2010 22:48:12
>Předmět: optional JAAS login
>
>Hi pgjdbc devs,
>I made a little change in the driver for myself and I'd like to offer it for inclusion in the official distribution.
>
>I was experimenting with the JAAS+GSS authentication provided by the driver and found out that I'd like to have the possibility to perform the JAAS login myself in the application that uses your pgjdbc driver. This means that I'd like to have the possibility of a full control of the creation of LoginContext. Currently the driver always creates this object, the only configurable thing is the name of JAAS configuration to be used. However, problems include specification of JAAS login.conf file location (I know, there is this java system property but that's really not much flexible) and the possibility to provide some functional implementation of the callback which might ask for a password if needed (currently if there are no valid credentials in the ticketcache and there was no password provided initially to the driver, the authentication fails - it's much better to have the possibility to ask for the password only when needed, I guess).
>
>On the hand I understand that for many uses it's handy to have the plugin actually perform the login so I decided to go with parameter 'performJaasLogin' which is true by default and can be set to 'false' in the connection URL. Then it determines whether the login is performed by the driver (value 'true') or not. The code change is trivial and I've tested it - it works as expected. You might use my ant task 'jaasauth' with the standard ant task 'sql' (specify empty password) to perform the JAAS authentication if you want (look at http://dave.matfyz.cz/page/en/software.html for download and documentation of 'jaasauth').
>
>Of course if you think there is a need to modify the code change a bit let me know...
>
>Greetings!
>David