Greetings John,
* John R Pierce (pierce@hogranch.com) wrote:
> On 9/20/2017 6:55 AM, Stephen Frost wrote:
> >If AD is in the mix here, then there's no need to have things happening
> >at the database level when it comes to passwords- configure PG to use
> >Kerberos and create a princ in AD and put that on the database server
> >and then users can authenticate that way.
>
> for web apps? how does a web browser do kerberos over http ?
Yes, and using SPNEGO, which the major browsers have all supported for a
very long time.
Thanks!
Stephen