| Lists: | pgsql-hackers |
|---|
| From: | "Albe Laurenz" <all(at)adv(dot)magwien(dot)gv(dot)at> |
|---|---|
| To: | "Albe Laurenz" <all(at)adv(dot)magwien(dot)gv(dot)at> |
| Cc: | <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PATCHES] LDAP auth |
| Date: | 2006-03-06 09:46:34 |
| Message-ID: | 52EF20B2E3209443BC37736D00C3C138072E84B8@EXADV1.host.magwien.gv.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-hackers |
>> I'm almost done with implementing a patch that recognizes
>> LDAP URLs in pg_services.conf and queries an LDAP server for
>> a connection option string.
>>
>> Currently I'm coding against libldap [...]
>
> If you haven't already, look at the ldap auth patch in the queue for
> some win32 specific issues - we do not want to rely on OpenLDAP on
> windows, since there is a builtin version that's almost the
> same (close enough).
Thank you for drawing my attention to that, I wasn't aware of it.
I'll definitely try to use the native winldap interface and try to
make my patch as compatible to yours as possible (configure
--with-ldap).
If your patch is accepted and a dependency on OpenLDAP is introduced,
my patch will provide an additional gain with no additional cost.
Yours,
Laurenz Albe
| From: | Greg Stark <gsstark(at)mit(dot)edu> |
|---|---|
| To: | "Albe Laurenz" <all(at)adv(dot)magwien(dot)gv(dot)at> |
| Cc: | <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PATCHES] LDAP auth |
| Date: | 2006-03-06 15:51:25 |
| Message-ID: | 871wxfpo5e.fsf@stark.xeocode.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-hackers |
"Albe Laurenz" <all(at)adv(dot)magwien(dot)gv(dot)at> writes:
> If your patch is accepted and a dependency on OpenLDAP is introduced,
> my patch will provide an additional gain with no additional cost.
Out of curiosity what would an SQL database want with ldap anyways?
Is it just a set of bindings for ldap functions for applications?
--
greg
| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Greg Stark <gsstark(at)mit(dot)edu> |
| Cc: | Albe Laurenz <all(at)adv(dot)magwien(dot)gv(dot)at>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [PATCHES] LDAP auth |
| Date: | 2006-03-06 20:00:07 |
| Message-ID: | 440C94C7.4060904@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-hackers |
Greg Stark wrote:
>"Albe Laurenz" <all(at)adv(dot)magwien(dot)gv(dot)at> writes:
>
>
>
>>If your patch is accepted and a dependency on OpenLDAP is introduced,
>>my patch will provide an additional gain with no additional cost.
>>
>>
>
>Out of curiosity what would an SQL database want with ldap anyways?
>
>
>
Single Sign On is the obvious answer.
I find it hard to imagine LDAP being sensibly use for any other postgres
purpose than authentication, despite recent flights of fancy on the list
about storing large slabs of config data there.
cheersw
andrew
| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Cc: | Greg Stark <gsstark(at)mit(dot)edu>, Albe Laurenz <all(at)adv(dot)magwien(dot)gv(dot)at>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [PATCHES] LDAP auth |
| Date: | 2006-03-06 21:04:48 |
| Message-ID: | 20060306210448.GA20508@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-hackers |
On Mon, Mar 06, 2006 at 15:00:07 -0500,
Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
>
> I find it hard to imagine LDAP being sensibly use for any other postgres
> purpose than authentication, despite recent flights of fancy on the list
> about storing large slabs of config data there.
It can also make sense to get authorization information from LDAP.
| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Bruno Wolff III <bruno(at)wolff(dot)to> |
| Cc: | Greg Stark <gsstark(at)mit(dot)edu>, Albe Laurenz <all(at)adv(dot)magwien(dot)gv(dot)at>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [PATCHES] LDAP auth |
| Date: | 2006-03-07 02:29:30 |
| Message-ID: | 440CF00A.3090301@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-hackers |
Bruno Wolff III wrote:
>On Mon, Mar 06, 2006 at 15:00:07 -0500,
> Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
>
>
>>I find it hard to imagine LDAP being sensibly use for any other postgres
>>purpose than authentication, despite recent flights of fancy on the list
>>about storing large slabs of config data there.
>>
>>
>
>It can also make sense to get authorization information from LDAP.
>
>
>
Yes, that's true. But I can imagine putting a shared config setup on a
web server, or an ftp server, or a tftp server, a good deal more easily
than putting it in LDAP.
cheers
andrew