From: | Keith Brown <keith6014(at)gmail(dot)com> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: LDAP authorization with postgresql |
Date: | 2021-10-08 20:01:38 |
Message-ID: | CAPPhDfhkLhka42VYnahyZswk6o6gU02aCU8_WR0rYG0H9h6Zkw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Yes, authentication with gss is great. Just authorization story with
postgresql is much harder. Should I even bother with LDAP? instead
just do it manually? I want to avoid another component like
pg-ldap-sync
On Fri, Oct 8, 2021 at 3:08 PM Stephen Frost <sfrost(at)snowman(dot)net> wrote:
>
> Greetings,
>
> * Keith Brown (keith6014(at)gmail(dot)com) wrote:
> > I use GSS for authentication. But I would like to setup LDAP based
> > authorization, so a user can have access to a particular
> > database/role/etc...I found documentation on how to setup LDAP but
> > don't really see any examples for what I am trying to do. Any
> > suggestions?
>
> You probably want to look into a tool to sync your LDAP directory group
> membership with roles in PG.
>
> eg: https://github.com/larskanis/pg-ldap-sync
>
> (Glad to hear you're using GSS for authentication!)
>
> Thanks,
>
> Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | Anil | 2021-10-09 16:01:50 | Error: server closed the connection unexpectedly |
Previous Message | Stephen Frost | 2021-10-08 19:08:19 | Re: LDAP authorization with postgresql |