[SSPI] Windows group support - Mailing list pgsql-hackers

From The Dude
Subject [SSPI] Windows group support
Date
Msg-id CA+bhM4LXGi49XeGBGNd10xk8xwP_OsenDGgAxLd_XQKPCgrVeQ@mail.gmail.com
Whole thread Raw
List pgsql-hackers
Hi,

I have some code that I've been using in production that supports adding and authenticating Windows groups via the pg_ident file.  It has a new indicator (+), that signifies the identifier is a Windows group, as in the following example:

# MAPNAME   SYSTEM-USERNAME       PG-USERNAME    
"Users" "+User group"   postgres

A new function was added to test if a user token is in the windows group:

/*
 * Check if the user (sspiToken) is a member of the specified group
 */
static BOOL
sspi_user_is_in_group(HANDLE sspiToken, LPCTSTR groupName)

I wanted to share this as a patch for the latest, as soon as I port it to v12.  Does this sound reasonable?

thanks,
Russell

pgsql-hackers by date:

Previous
From: Fujii Masao
Date:
Subject: Re: Remove non-fast promotion Re: Should we remove a fallbackpromotion? take 2
Next
From: Tom Lane
Date:
Subject: Re: Fix for pg_statio_all_tables