Tom Lane wrote:
Magnus Hagander <[EMAIL PROTECTED]> writes:
Another option would be not to call the kerberos code there at all. All
other authentication methods that take the userid externally (gssapi,
sspi, ident) require the user to specify the name to connect as if it's
different from the one in the operating system. I think that's a very
uncommon scenario in any case - almost everybody will be using whatever
userid is used in the system, when using Kerberos.
Hmm, that's an interesting alternative. I like it because it takes away
some useless connection-startup overhead in the common case where you're
using a Kerberos-enabled library but Kerberos isn't set up on the system.
+1. Anything that reduces connection overhead is a definite plus.
cheers
andrew
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
