Thread: Re: [PATCHES] LDAP auth

Re: [PATCHES] LDAP auth

From
"Albe Laurenz"
Date:
>> I'm almost done with implementing a patch that recognizes
>> LDAP URLs in pg_services.conf and queries an LDAP server for
>> a connection option string.
>>
>> Currently I'm coding against libldap [...]
>
> If you haven't already, look at the ldap auth patch in the queue for
> some win32 specific issues - we do not want to rely on OpenLDAP on
> windows, since there is a builtin version that's almost the
> same (close enough).

Thank you for drawing my attention to that, I wasn't aware of it.
I'll definitely try to use the native winldap interface and try to
make my patch as compatible to yours as possible (configure
--with-ldap).

If your patch is accepted and a dependency on OpenLDAP is introduced,
my patch will provide an additional gain with no additional cost.

Yours,
Laurenz Albe


Re: [PATCHES] LDAP auth

From
Greg Stark
Date:
"Albe Laurenz" <all@adv.magwien.gv.at> writes:

> If your patch is accepted and a dependency on OpenLDAP is introduced,
> my patch will provide an additional gain with no additional cost.

Out of curiosity what would an SQL database want with ldap anyways?
Is it just a set of bindings for ldap functions for applications?

-- 
greg



Re: [PATCHES] LDAP auth

From
Andrew Dunstan
Date:
Greg Stark wrote:

>"Albe Laurenz" <all@adv.magwien.gv.at> writes:
>
>  
>
>>If your patch is accepted and a dependency on OpenLDAP is introduced,
>>my patch will provide an additional gain with no additional cost.
>>    
>>
>
>Out of curiosity what would an SQL database want with ldap anyways?
>
>  
>


Single Sign On is the obvious answer.

I find it hard to imagine LDAP being sensibly use for any other postgres 
purpose than authentication, despite recent flights of fancy on the list 
about storing large slabs of config data there.

cheersw

andrew



Re: [PATCHES] LDAP auth

From
Bruno Wolff III
Date:
On Mon, Mar 06, 2006 at 15:00:07 -0500, Andrew Dunstan <andrew@dunslane.net> wrote:
> 
> I find it hard to imagine LDAP being sensibly use for any other postgres 
> purpose than authentication, despite recent flights of fancy on the list 
> about storing large slabs of config data there.

It can also make sense to get authorization information from LDAP.


Re: [PATCHES] LDAP auth

From
Andrew Dunstan
Date:
Bruno Wolff III wrote:

>On Mon, Mar 06, 2006 at 15:00:07 -0500,
>  Andrew Dunstan <andrew@dunslane.net> wrote:
>  
>
>>I find it hard to imagine LDAP being sensibly use for any other postgres 
>>purpose than authentication, despite recent flights of fancy on the list 
>>about storing large slabs of config data there.
>>    
>>
>
>It can also make sense to get authorization information from LDAP.
>
>  
>

Yes, that's true. But I can imagine putting a shared config setup on a 
web server, or an ftp server, or a tftp server, a good deal more easily 
than putting it in LDAP.

cheers

andrew