Tom Lane wrote:
> "Joshua D. Drake" <jd@commandprompt.com> writes:
>> Is there any reason why we haven't built a generic authentication API?
>> Something like PAM, except cross platform?
>
> We're database geeks, not security/crypto/authentication geeks. What
> makes you think we have any particular competence to do the above?
Well that is a valid point :). I was just asking.
Joshua D. Drake
>
> Actually, the part of this proposal that raised my hackles the most was
> the claim that GSSAPI provides a generic auth API, because that was
> exactly the bill of goods we were sold in connection with PAM. (So why
> is this our problem at all --- can't you make a PAM plugin for it??)
> It didn't help any that that was shortly followed by the lame admission
> that no one has ever implemented anything except Kerberos underneath it.
> Word to the wise, guys: go *real* soft on vaporware claims for auth
> stuff, because we've seen enough of those before.
>
> regards, tom lane
>
--
=== The PostgreSQL Company: Command Prompt, Inc. ===
Sales/Support: +1.503.667.4564 || 24x7/Emergency: +1.800.492.2240 Providing the most comprehensive PostgreSQL
solutionssince 1997 http://www.commandprompt.com/