| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Andrej <andrej(dot)groups(at)gmail(dot)com> |
| Cc: | "Heckler, Kim M" <kim(dot)heckler(at)nationwide(dot)com>, "pgsql-novice(at)postgresql(dot)org" <pgsql-novice(at)postgresql(dot)org> |
| Subject: | Re: Password aging |
| Date: | 2020-02-05 20:39:21 |
| Message-ID: | 20200205203920.GA3195@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
Greetings,
* Andrej (andrej(dot)groups(at)gmail(dot)com) wrote:
> I'm not aware of any such extension; but similar questions were asked in
> the past, and the common (and IMHO sensible) response is to tie postgres
> authentication into an external authentication provider, e.g. LDAP
I agree with the idea of tying PG to an external authentication
provider, but I strongly recommend to use GSSAPI and *not* LDAP, as LDAP
based auth is insecure and not needed when you're running an Active
Directory environment (which is a very common use-case that people
have in many places).
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Garry Chen | 2020-02-06 21:21:32 | Execute function from remote Oracle database through Oracle ODBC gateway |
| Previous Message | Andrej | 2020-02-05 20:18:17 | Re: Password aging |