On Thu, May 28, 2009 at 2:07 PM, Peter Koczan <pjkoc...@gmail.com> wrote: > On Thu, May 28, 2009 at 1:30 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: >> Peter Koczan <pjkoc...@gmail.com> writes: >>> It was rather convenient to know that whatever Kerberos principal was >>> used was going to be the database user. >> >> Isn't that still true? (Modulo the auth.c bug fix of course.) The only >> issue here is where the default guess for a not-explicitly-specified >> username comes from, not whether you'll be allowed to connect or not. > > That's what I meant. It was convenient to have the default guess be > the Kerberos principal for krb5/gss connections. This is still the > case in the vast majority of connections, so it's probably not worth > bending over backwards to satisfy these edge cases.
And by "this is still the case", I mean that the principal name and the username line up and exhibit the same overt behavior. Not that the principal forces the username. I need a break. :-) Peter -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
