Home > mailing lists

Re: BUG #9337: SSPI/GSSAPI with mismatched user names - Mailing list pgsql-bugs

From	Brian Crowell
Subject	Re: BUG #9337: SSPI/GSSAPI with mismatched user names
Date	February 24, 2014 22:15:29
Msg-id	CAAQkdDqg2oqmkqRHwsSNi07pB--uwN+S_8f-sXhOyFROhrogdQ@mail.gmail.com Whole thread Raw
In response to	Re: BUG #9337: SSPI/GSSAPI with mismatched user names (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: BUG #9337: SSPI/GSSAPI with mismatched user names Re: BUG #9337: SSPI/GSSAPI with mismatched user names
List	pgsql-bugs

Tree view

On Mon, Feb 24, 2014 at 1:10 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Why exactly doesn't Npgsql know what the Kerberos principal name is?
> How did it obtain the ticket without knowing that?

Windows obtained the ticket, not Npgsql. It's attached to my logon
token without Npgsql's help. If I'm on the domain, I _might_ have
access to that information through a call to LsaGetLogonSessionData or
similar. If I'm not on the domain, I definitely don't.

Npgsql is just asking Windows to do GSSAPI auth on its behalf, so it
never really touches that info.

--Brian

pgsql-bugs by date:

From: Tom Lane
Date: 24 February 2014, 22:10:53
Subject: Re: BUG #9337: SSPI/GSSAPI with mismatched user names

From: Tom Lane
Date: 24 February 2014, 22:25:43
Subject: Re: BUG #9337: SSPI/GSSAPI with mismatched user names

Re: BUG #9337: SSPI/GSSAPI with mismatched user names - Mailing list pgsql-bugs

Previous

Next