> It would depend in part on the size of the patch, and on whether
> there
> are any arguments for supporting GSSAPI besides "Java can't do
> Kerberos".
> What would it buy for a libpq user?

According to the Solaris Security engineers, GSSAPI is more secure than
using the Kerberos headers.  Also, in theory GSSAPI is supposed to
support multiple authentication back-ends (ldap, liberty, etc.), but I
personally have never seen support for anything but Kerberos.

Josh Berkus
PostgreSQL @ Sun
San Francisco 415-752-2500

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
       choose an index scan if your joining column's datatypes do not

Reply via email to