Re: [GENERAL] postgres_fdw and Kerberos authentication

Jean-Marc, * Jean-Marc Lessard (jean-marc.less...@ultra-ft.com) wrote: > Stephen Frost [sfr...@snowman.net] wrote: > > The database owner operating system user has to be trusted, along with any > > superusers in the database, but if you assume those, then having PG manage > > the different

Re: [GENERAL] postgres_fdw and Kerberos authentication

Stephen Frost [sfr...@snowman.net] wrote: > The database owner operating system user has to be trusted, along with any > superusers in the database, but if you assume those, then having PG manage > the different Kerberos cache files > (one for each backend which has authenticated via Kerberos

Re: [GENERAL] postgres_fdw and Kerberos authentication

* Tom Lane (t...@sss.pgh.pa.us) wrote: > Jean-Marc Lessard writes: > > A nice way to meet security requirements would be to provide single sign on > > support for the postgres_fdw. > > As long as you have defined a user in the source and destination databases, >

Re: [GENERAL] postgres_fdw and Kerberos authentication

Jean-Marc Lessard writes: > A nice way to meet security requirements would be to provide single sign on > support for the postgres_fdw. > As long as you have defined a user in the source and destination databases, > and configure the Kerberos authentication you

[GENERAL] postgres_fdw and Kerberos authentication

postgres_fdw is a great feature, but several organizations disallow to hold any kind of passwords as plain text. Providing the superuser role is not either an option. A nice way to meet security requirements would be to provide single sign on support for the postgres_fdw. As long as you have