On Mon, Feb 24, 2014 at 1:10 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Why exactly doesn't Npgsql know what the Kerberos principal name is?
> How did it obtain the ticket without knowing that?
Windows obtained the ticket, not Npgsql. It's attached to my logon
token without Npgsql's help. If I'm on the domain, I _might_ have
access to that information through a call to LsaGetLogonSessionData or
similar. If I'm not on the domain, I definitely don't.
Npgsql is just asking Windows to do GSSAPI auth on its behalf, so it
never really touches that info.
--Brian