Yes, authentication with gss is great. Just authorization story with postgresql is much harder. Should I even bother with LDAP? instead just do it manually? I want to avoid another component like pg-ldap-sync
On Fri, Oct 8, 2021 at 3:08 PM Stephen Frost <sfr...@snowman.net> wrote: > > Greetings, > > * Keith Brown (keith6...@gmail.com) wrote: > > I use GSS for authentication. But I would like to setup LDAP based > > authorization, so a user can have access to a particular > > database/role/etc...I found documentation on how to setup LDAP but > > don't really see any examples for what I am trying to do. Any > > suggestions? > > You probably want to look into a tool to sync your LDAP directory group > membership with roles in PG. > > eg: https://github.com/larskanis/pg-ldap-sync > > (Glad to hear you're using GSS for authentication!) > > Thanks, > > Stephen
