Re: [PATCHES] LDAP auth - Mailing list pgsql-hackers

From Magnus Hagander
Subject Re: [PATCHES] LDAP auth
Date
Msg-id 6BCB9D8A16AC4241919521715F4D8BCEA0F837@algol.sollentuna.se
Whole thread Raw
List pgsql-hackers
> >>If your patch is accepted and a dependency on OpenLDAP is
> introduced,
> >>my patch will provide an additional gain with no additional cost.
> >>
> >>
> >
> >Out of curiosity what would an SQL database want with ldap anyways?
> >
> >
> >
> Single Sign On is the obvious answer.

LDAP doesn't actually provide Single Sign On. It does provide Single
Login with Single Password. But you still have to type in your password
again for each login.

Kerberos provides single sign-on, where you just log in once and you're
done - no more password entry.


> I find it hard to imagine LDAP being sensibly use for any
> other postgres purpose than authentication, despite recent
> flights of fancy on the list about storing large slabs of
> config data there.

Well, that does seem to be the flavour of the month though.. ;-)

//Magnus


pgsql-hackers by date:

Previous
From: Andrew Dunstan
Date:
Subject: Re: Coverity Open Source Defect Scan of PostgreSQL
Next
From: Josh Berkus
Date:
Subject: Re: Coverity Open Source Defect Scan of PostgreSQL