Thread: pgsql: Allow LDAP authentication to operate in search+bind mode, meaning
pgsql: Allow LDAP authentication to operate in search+bind mode, meaning
From
mha@postgresql.org (Magnus Hagander)
Date:
Log Message:
-----------
Allow LDAP authentication to operate in search+bind mode, meaning it
does a search for the user in the directory first, and then binds with
the DN found for this user.
This allows for LDAP logins in scenarios where the DN of the user cannot
be determined simply by prefix and suffix, such as the case where different
users are located in different containers.
The old way of authentication can be significantly faster, so it's kept
as an option.
Robert Fleming and Magnus Hagander
Modified Files:
--------------
pgsql/doc/src/sgml:
client-auth.sgml (r1.124 -> r1.125)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/doc/src/sgml/client-auth.sgml?r1=1.124&r2=1.125)
pgsql/src/backend/libpq:
auth.c (r1.187 -> r1.188)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/backend/libpq/auth.c?r1=1.187&r2=1.188)
hba.c (r1.192 -> r1.193)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/backend/libpq/hba.c?r1=1.192&r2=1.193)
pgsql/src/include/libpq:
hba.h (r1.59 -> r1.60)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/include/libpq/hba.h?r1=1.59&r2=1.60)