| From: | Brian Crowell <brian(at)fluggo(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | "pgsql-general(at)postgresql(dot)org >> PG-General Mailing List" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: GSSAPI/SSPI and mismatched user names |
| Date: | 2014-02-24 19:41:06 |
| Message-ID: | CAAQkdDobYrpJZuatCi986nTPSVt2ODHj_WMooWfsHbYKbyeQTw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, Feb 24, 2014 at 1:06 PM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> I'm afraid you're going to need to try harder to find out how to get the
> Windows GSSAPI/SSPI code to give you the princ. I was actually pretty
> sure that GSSAPI defined a way, but I don't know the Windows side of it
> or if they decided to not bother implementing parts of GSSAPI.
I don't think there's a Windows GSSAPI implementation at all. You're
expected to go through Win32 and all of their security providers.
Read here for some of the loveliness:
http://stackoverflow.com/questions/7613468/getting-the-current-username-when-impersonated
https://groups.google.com/forum/#!topic/microsoft.public.platformsdk.security/5L7ugO0Fc90
(Really, though, the Windows login infrastructure and API is rather nice.)
> Exactly- this is not something we can solve with a little bit of
> tweaking...
Nuts. It sounded easy :P
--Brian
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2014-02-24 20:55:20 | Re: plans for plpython in RDS? |
| Previous Message | Stephen Frost | 2014-02-24 19:06:01 | Re: GSSAPI/SSPI and mismatched user names |