* Tom Lane (t...@sss.pgh.pa.us) wrote: > Heikki Linnakangas <hlinnakan...@vmware.com> writes: > > We could also support using a library like that for additional > > authentication mechanisms, though, for those who really need them. > > We've already got a sufficiency of external authentication mechanisms. > If people wanted to use non-built-in authentication, we'd not be having > this discussion.
Just to be clear- lots of people *do* use the external authentication mechanisms we provide, particularly Kerberos/GSSAPI. SASL would bring us quite a few additional mechanisms (SQL-based, Berkley DB, one-time passwords, RSA SecurID, etc..) and would mean we might be able to eventually drop direct GSSAPI and LDAP support and have a better alternative for those who want to use password-based auth. Thanks, Stephen
signature.asc
Description: Digital signature