| From: | Keith Brown <keith6014(at)gmail(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: LDAP authorization with postgresql |
| Date: | 2021-10-08 20:01:38 |
| Message-ID: | CAPPhDfhkLhka42VYnahyZswk6o6gU02aCU8_WR0rYG0H9h6Zkw@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Yes, authentication with gss is great. Just authorization story with
postgresql is much harder. Should I even bother with LDAP? instead
just do it manually? I want to avoid another component like
pg-ldap-sync
On Fri, Oct 8, 2021 at 3:08 PM Stephen Frost <sfrost(at)snowman(dot)net> wrote:
>
> Greetings,
>
> * Keith Brown (keith6014(at)gmail(dot)com) wrote:
> > I use GSS for authentication. But I would like to setup LDAP based
> > authorization, so a user can have access to a particular
> > database/role/etc...I found documentation on how to setup LDAP but
> > don't really see any examples for what I am trying to do. Any
> > suggestions?
>
> You probably want to look into a tool to sync your LDAP directory group
> membership with roles in PG.
>
> eg: https://github.com/larskanis/pg-ldap-sync
>
> (Glad to hear you're using GSS for authentication!)
>
> Thanks,
>
> Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Anil | 2021-10-09 16:01:50 | Error: server closed the connection unexpectedly |
| Previous Message | Stephen Frost | 2021-10-08 19:08:19 | Re: LDAP authorization with postgresql |