Greetings,
* Ron (ronljohnsonjr@gmail.com) wrote:
> Does LDAP obviate the need for the PASSWORD clause of CREATE ROLE? It sounds
> obvious, but I wanted to verify before deciding whether or not to try LDAP,
> and did not see any reference in
> https://www.postgresql.org/docs/12/sql-createrole.html.
Using GSSAPI also results in the password not being needed to be set for
the role, and is actually secure, unlike LDAP-based auth where the
user's password is happily sent in the clear to the PG server.
Thanks,
Stephen