AIL PROTECTED]
Sent: Wednesday, July 18, 2007 6:42 AM
To: Paul Silveira
Cc: pgsql-hackers@postgresql.org
Subject: Re: [HACKERS] SSPI authentication
On Tue, Jul 17, 2007 at 11:00:35AM -0700, Paul Silveira wrote:
>
> This is great. I've worked on 2 projects in the last year that
desp
On Tue, Jul 17, 2007 at 11:00:35AM -0700, Paul Silveira wrote:
>
> This is great. I've worked on 2 projects in the last year that desperately
> needed this. It will certainly make the security model more seamless...
Thanks for letting us know.
Are you interested in just the SSPI parts, or also
On Wed, Jul 18, 2007 at 09:44:02AM +0100, Dave Page wrote:
> Magnus Hagander wrote:
> > Dave Page wrote:
> >> Magnus Hagander wrote:
> >>> So what we'd need in that case is a new libpq connectionstring
> >>> parameter. Which can be done, but it'd require that all frontends that
> >>> use libpq add
Magnus Hagander wrote:
> Dave Page wrote:
>> Magnus Hagander wrote:
>>> So what we'd need in that case is a new libpq connectionstring
>>> parameter. Which can be done, but it'd require that all frontends that
>>> use libpq add support for it - such as pgadmin. I'm not sure if the ODBC
>>> driver w
This is great. I've worked on 2 projects in the last year that desperately
needed this. It will certainly make the security model more seamless...
-Paul
Magnus Hagander-2 wrote:
>
> A quick status update on the SSPI authentication part of the GSSAPI
> project.
>
> I have libpq SSPI workin
Dave Page wrote:
> Magnus Hagander wrote:
>> So what we'd need in that case is a new libpq connectionstring
>> parameter. Which can be done, but it'd require that all frontends that
>> use libpq add support for it - such as pgadmin. I'm not sure if the ODBC
>> driver will support arbitrary argument
Stephen Frost wrote:
> * Magnus Hagander ([EMAIL PROTECTED]) wrote:
>> Stephen Frost wrote:
>>> If both are made available then I think that'd work fine for us. I'm
>>> concerned that the windows builds wouldn't include a version of libpq w/
>>> GSSAPI...
>> The default build wouldn't. The binary
Magnus Hagander wrote:
> So what we'd need in that case is a new libpq connectionstring
> parameter. Which can be done, but it'd require that all frontends that
> use libpq add support for it - such as pgadmin. I'm not sure if the ODBC
> driver will support arbitrary arguments, otherwise that one n
* Magnus Hagander ([EMAIL PROTECTED]) wrote:
> Stephen Frost wrote:
> > If both are made available then I think that'd work fine for us. I'm
> > concerned that the windows builds wouldn't include a version of libpq w/
> > GSSAPI...
>
> The default build wouldn't. The binary build wouldn't. If yo
Stephen Frost wrote:
> * Magnus Hagander ([EMAIL PROTECTED]) wrote:
>>> The way this is handled in a number of other applications (putty being
>>> the one that comes to mind easily) is that two DLLs are built- one for
>>> SSPI and one for GSSAPI and you can easily switch between them on the
>>> cli
* Magnus Hagander ([EMAIL PROTECTED]) wrote:
> > The way this is handled in a number of other applications (putty being
> > the one that comes to mind easily) is that two DLLs are built- one for
> > SSPI and one for GSSAPI and you can easily switch between them on the
> > client. That'd work fine
Stephen Frost wrote:
> * Magnus Hagander ([EMAIL PROTECTED]) wrote:
>> Stephen Frost wrote:
>>> I'm not quite sure if that would affect what we do but it sounds like it
>>> might. The main thing we use on the clients wrt Postgres is the ODBC
>>> driver but I've used psql once or twice and have be
* Magnus Hagander ([EMAIL PROTECTED]) wrote:
> Stephen Frost wrote:
> > I'm not quite sure if that would affect what we do but it sounds like it
> > might. The main thing we use on the clients wrt Postgres is the ODBC
> > driver but I've used psql once or twice and have been trying to get
> > peo
Stephen Frost wrote:
> * Magnus Hagander ([EMAIL PROTECTED]) wrote:
>> I've set it up as a different way of doing GSSAPI authentication. This
>> means that if you can't have both SSPI and MIT KRB GSSAPI in the same
>> installation. I don't see a problem with this - 99.9% of windows users
>> will ju
* Magnus Hagander ([EMAIL PROTECTED]) wrote:
> I've set it up as a different way of doing GSSAPI authentication. This
> means that if you can't have both SSPI and MIT KRB GSSAPI in the same
> installation. I don't see a problem with this - 99.9% of windows users
> will just want the SSPI version an
A quick status update on the SSPI authentication part of the GSSAPI project.
I have libpq SSPI working now, with a few hardcoded things still in
there to be fixed. But it means that I can connect to a linux server
using kerberos/GSSAPI *without* the need to set up MIR Kerberos
libraries and settin
16 matches
Mail list logo