Forgive my late comment ... I haven't used the PAM support in postgresql
either, or I'd know.  PAM (I know for sure), and I suppose similarly BSD
Authentication, models a generalized auth interaction where a given
authentication module can send a number of arbitrary prompts back to the
client (via callbacks so different protocols and UIs can be used), and
demand a number of arbitrary responses, so that a variety of authentication
schemes can easily be supported.

Is the PostgreSQL support (for either PAM or BSD Authentication) able to
handle that in its designed generality, or only for the case (number of
requested items = 1, item 1 = a password)?

Could the general form be handled with the existing fe/be protocol,
or would the protocol have to grow?


Sent via pgsql-hackers mailing list (
To make changes to your subscription:

Reply via email to