| From: | Brian Crowell <brian(at)fluggo(dot)com> |
|---|---|
| To: | Christian Ullrich <chris(at)chrullrich(dot)net> |
| Cc: | "pgsql-general(at)postgresql(dot)org >> PG-General Mailing List" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: GSSAPI server side on Linux, SSPI client side on Windows |
| Date: | 2013-11-12 16:19:52 |
| Message-ID: | CAAQkdDqDsGSReMPQBEYRiTC_BR=BGZgK=LkWi15Y1Qqv0GUyBA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Tue, Nov 12, 2013 at 10:03 AM, Christian Ullrich
<chris(at)chrullrich(dot)net> wrote:
> Pseudocode:
>
> n = GetUserNameEx(NameSamCompatible) // "logon screen" case
> NameTranslate.Set(ADS_NAME_TYPE_NT4, n)
> n = NameTranslate.Get(ADS_NAME_TYPE_DOMAIN_SIMPLE) // "official" case
> n = n.CutAtTheAtSign()
> db.Connect("DSN=foo;UID=" + n)
>
> To get a usable realm name, ADS_NAME_TYPE_USER_PRINCIPAL_NAME is probably more correct.
>
> This works if the role name in pg_authid matches the user name in the directory, case-wise. It cannot be shortened to GetUserNameEx(NameUserPrincipal) because that also returns "logon screen" case.
I don't see any reason this can't be put in Npgsql. If the username
isn't supplied, the NpgsqlConnectionStringBuilder guesses it in the
UserName property. I'm going to make it guess correctly.
—Brian
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kevin Grittner | 2013-11-12 16:41:01 | Re: Clang 3.3 Analyzer Results |
| Previous Message | dinesh kumar | 2013-11-12 16:18:51 | Re: select Xpath is returning values with {} |