Quick Links

Re: BUG #9337: SSPI/GSSAPI with mismatched user names

From:	Brian Crowell <brian(at)fluggo(dot)com>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	pgsql-bugs <pgsql-bugs(at)postgresql(dot)org>
Subject:	Re: BUG #9337: SSPI/GSSAPI with mismatched user names
Date:	2014-02-24 19:15:25
Message-ID:	CAAQkdDqg2oqmkqRHwsSNi07pB--uwN+S_8f-sXhOyFROhrogdQ@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

On Mon, Feb 24, 2014 at 1:10 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Why exactly doesn't Npgsql know what the Kerberos principal name is?
> How did it obtain the ticket without knowing that?

Windows obtained the ticket, not Npgsql. It's attached to my logon
token without Npgsql's help. If I'm on the domain, I _might_ have
access to that information through a call to LsaGetLogonSessionData or
similar. If I'm not on the domain, I definitely don't.

Npgsql is just asking Windows to do GSSAPI auth on its behalf, so it
never really touches that info.

--Brian

In response to

Re: BUG #9337: SSPI/GSSAPI with mismatched user names at 2014-02-24 19:10:48 from Tom Lane

Responses

Re: BUG #9337: SSPI/GSSAPI with mismatched user names at 2014-02-24 19:25:37 from Tom Lane
Re: BUG #9337: SSPI/GSSAPI with mismatched user names at 2014-02-24 19:27:32 from Stephen Frost

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Tom Lane	2014-02-24 19:25:37	Re: BUG #9337: SSPI/GSSAPI with mismatched user names
Previous Message	Tom Lane	2014-02-24 19:10:48	Re: BUG #9337: SSPI/GSSAPI with mismatched user names