* Brian Crowell (brian@xxxxxxxxxx) wrote: > On Mon, Feb 24, 2014 at 12:55 PM, Stephen Frost <sfrost@xxxxxxxxxxx> wrote: > > * Brian Crowell (brian@xxxxxxxxxx) wrote: > >> https://github.com/npgsql/Npgsql/issues/162#issuecomment-35916650 > > > > Reading through this- can't you use GSSAPI to get the Kerberos princ > > found the ticket which is constructed? I'm pretty sure the MIT > > libraries support that, at least... > > I expected I might be able to do that on Linux, but right now I'm > trying to work out the Windows non-domain case. I'm afraid you're going to need to try harder to find out how to get the Windows GSSAPI/SSPI code to give you the princ. I was actually pretty sure that GSSAPI defined a way, but I don't know the Windows side of it or if they decided to not bother implementing parts of GSSAPI. > Unfortunately, in this case I don't even have a wrong-cased username > to start with. I have the user name of the logged-in non-domain user, > which is not the user name of the domain credentials I'm sending > across the network. You're going to need to figure out how to tell PG what PG user you want to log in as in the initial packet. > > We need the username to figure out which auth method we're using... > > Oh dear. Exactly- this is not something we can solve with a little bit of tweaking... Thanks, Stephen
Attachment:
signature.asc
Description: Digital signature
