On Sun, Sep 10, 2017 at 4:31 PM, <[email protected]> wrote:
> > GSSAPI is the authentication mechanism of choice, and it's working fine. > > Here is what I'm trying to accomplish. > > 'user1' == 'user1' and '[email protected]' == 'user1'. > > From reading the docs, this is done via the pg_ident.conf file, and from > reading the logs, there is a problem with my map. > > Hmm... Interesting thought. > *testing* > It sort of works. Setting the maps below maps the users straight across. > 'user1' == 'user1' and '[email protected]' == '[email protected]', so > it's partially working. > > pg_indent.conf: > testnet /^([0-9A-Za-z_-]+)@A\.DOMAIN\.TLD$ \1 > testnet /^([0-9A-Za-z_-]+)@A\.DOMAIN\.TLD$ \[email protected] > I think you want this: testnet /(.*) \1 testnet /^([0-9A-Za-z_-]+)@A\.DOMAIN\.TLD$ \1 testnet /^([0-9A-Za-z_-]+) \[email protected] But since your pg_hba has include_realm=1, I don't know how you are getting the realmless "system user" names in the first place, so the last line really shouldn't be necessary. Cheers, Jeff
