| From: | Sean Chittenden <sean(at)chittenden(dot)org> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Kerberos and fe-auth... |
| Date: | 2002-01-31 05:21:48 |
| Message-ID: | 20020130212148.F53466@ninja1.internal |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> > I don't think it's any surprise that I'm hot on kerberos (updated docs
> > will come, one thing at a time), however I'm really really really
> > supper annoyed with the fact that I can't specify a way for a host to
> > optionally use krb5 or optionally use password authentication.
>
> What??? Have you looked at pg_hba.conf recently?
In pg_hba.conf:
host all 0.0.0.0 0.0.0.0 krb5
host all 0.0.0.0 0.0.0.0 password
And from the CLI:
> klist
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_80.1)
> psql -h db1 dbname user
psql: fe_sendauth: krb5 authentication failed
The only way I can do something about that is to reverse the order of
the above entries in hba.conf, however, if I do that, then I can't use
krb5. One or the other, not both, and that's my problem... thoughts?
-sc
--
Sean Chittenden
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2002-01-31 08:35:20 | Re: A simpler way to configure the source code? |
| Previous Message | Peter Eisentraut | 2002-01-31 05:05:32 | Re: Kerberos and fe-auth... |