On Sun, May 20, 2007 at 10:07:14PM -0400, Chris Browne wrote:
> jd@commandprompt.com ("Joshua D. Drake") writes:
> > Tino Wildenhain wrote:
> >
> >> This way you can use pg_hba.conf, dedicated system tables or
> >> maybe LDAP one day. (or just another postgres database) Does it
> >> sound too easy? I hope so :-)
> >
> > Actually, that sounds bad. PostgreSQL should be the source of its
> > own auth.
>
> If there's a clear *OTHER* authority in the matter (e.g. - an LDAP
> instance that manages numerous other things), then that's manifestly
> not the case.
There is a math problem with this, namely that LDAP auth systems
assume a tree, where PostgreSQL's ROLEs are actually a directed
acyclic graph.
> Making a selection of mechanisms configurable seems entirely
> reasonable to me.
>
> In a web hosting environment, it would seem quite reasonable for
> authentication to be controlled in some central way that's *not*
> necessarily PG-based.
It's far from clear to me that creating a high-value target with
catastrophic cascading failure modes--a single sign-on system is an
example of this--is a design goal we should "help" people implement.
Cheers,
David.
--
David Fetter <david@fetter.org> http://fetter.org/
phone: +1 415 235 3778 AIM: dfetter666
Skype: davidfetter
Remember to vote!
Consider donating to PostgreSQL: http://www.postgresql.org/about/donate