Brian Crowell <brian(at)fluggo(dot)com> writes:
> Right now, I'm seeing log entries like this:
> 2014-02-24 11:30:40 CST LOG: provided user name (Brian) and
> authenticated user name (BCrowell(at)REALM(dot)COM) do not match
> But the Kerberos ticket is perfectly valid, and matches a Postgres
> user. In this case, the program attempting to log in is incapable of
> determining the correct Postgres user name to send (see Npgsql bug for
> the dirty details), so why not just accept the Kerberos principal
> name?
Why exactly doesn't Npgsql know what the Kerberos principal name is?
How did it obtain the ticket without knowing that?
regards, tom lane