Forgive my late comment ... I haven't used the PAM support in postgresql either, or I'd know. PAM (I know for sure), and I suppose similarly BSD Authentication, models a generalized auth interaction where a given authentication module can send a number of arbitrary prompts back to the client (via callbacks so different protocols and UIs can be used), and demand a number of arbitrary responses, so that a variety of authentication schemes can easily be supported.
Is the PostgreSQL support (for either PAM or BSD Authentication) able to handle that in its designed generality, or only for the case (number of requested items = 1, item 1 = a password)? Could the general form be handled with the existing fe/be protocol, or would the protocol have to grow? -Chap -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers