Tim,
* Tim Watts (tim(dot)j(dot)watts(at)kcl(dot)ac(dot)uk) wrote:
> Is it possible to specify GSSAPI auth (with MIT kerberos as the
> backend) but get Postgresql to fallback to prompting for a password
> if a kerberos ticket cannot be supplied by the client - eg because
> the client cannot do GSSAPI or because the client is not part of the
> kerberos realm?
You're right- it's a 'no'. It would also really degrade the security
which you get with Kerberos as you'd undoubtably end up with clients
storing those passwords and using them routinely instead of using
Kerberos.
Thanks,
Stephen