Re: [PoC] Federated Authn/z with OAUTHBEARER

From: Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>
To: Daniel Gustafsson <daniel(at)yesql(dot)se>
Cc: Antonin Houska <ah(at)cybertec(dot)at>, Peter Eisentraut <peter(at)eisentraut(dot)org>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER
Date: 2024-10-29 20:39:36
Message-ID: CAOYmi+k72UYBb0gN6gcu70MRjHGL5mqL0PmK7_P2EUt+PjyDvg@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Tue, Oct 29, 2024 at 10:41 AM Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
> Question is though, if we added PAM
> today would we have done the same?

I assume so; the client can't tell PAM apart from LDAP or any other
plaintext method. (In the same vein, the server can't tell if the
client uses libcurl to grab a token, or something entirely different.)

--Jacob

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Devulapalli, Raghuveer 2024-10-29 21:00:17 RE: Proposal for Updating CRC32C with AVX-512 Algorithm.
Previous Message Jacob Champion 2024-10-29 20:34:00 Re: [PoC] Federated Authn/z with OAUTHBEARER