On Sun, Sep 10, 2017 at 4:31 PM, <techmail+pg...@dangertoaster.com> wrote:
>
> GSSAPI is the authentication mechanism of choice, and it's working fine.
>
> Here is what I'm trying to accomplish.
>
> 'user1' == 'user1' and 'us...@a.domain.tld' == 'user1'.
>
> From reading the docs, this is done via the pg_ident.conf file, and from
> reading the logs, there is a problem with my map.
>
> Hmm... Interesting thought.
> *testing*
> It sort of works. Setting the maps below maps the users straight across.
> 'user1' == 'user1' and 'us...@a.domain.tld' == 'us...@a.domain.tld', so
> it's partially working.
>
> pg_indent.conf:
> testnet /^([0-9A-Za-z_-]+)@A\.DOMAIN\.TLD$ \1
> testnet /^([0-9A-Za-z_-]+)@A\.DOMAIN\.TLD$ \1...@a.domain.tld
>
I think you want this:
testnet /(.*)
\1
testnet /^([0-9A-Za-z_-]+)@A\.DOMAIN\.TLD$ \1
testnet /^([0-9A-Za-z_-]+)
\1...@a.domain.tld
But since your pg_hba has include_realm=1, I don't know how you are getting
the realmless "system user" names in the first place, so the last line
really shouldn't be necessary.
Cheers,
Jeff
