Tom Lane wrote:
> I don't recall exactly what Dick suggested, but the patch as applied
> seems like fairly useless verbiage. Exactly which of our other auth
> methods allow users who *don't* exist in the database to log in?
> And why would anyone find it surprising that this does not happen?
I think the difference is that PAM carries a user list of its own, and
users might be led to believe that it's enough to create a user in the
PAM system and it will automatically exist in the database.
With the other authentication methods, there is no external user list.
--
Peter Eisentraut
http://developer.postgresql.org/~petere/