Description of Authentication Methods Supported for Map is Misleading

Started by PG Bug reporting formover 6 years ago2 messagesdocs

Jump to latest

PG Bug reporting form

noreply@postgresql.org

over 6 years ago

The following documentation comment has been logged on the website:

Page: https://www.postgresql.org/docs/10/auth-pg-hba-conf.html
Description:

"This option is supported for all authentication methods that receive
external user names."

More properly, the authentication methods supported are: ident, peer,
gassapi, sspi, and cert.

LDAP is not supported and attempting to use map with LDAP provides the
following error:
'authentication option ""map"" is only valid for authentication methods
ident, peer, gssapi, sspi, and cert'

Magnus Hagander

magnus@hagander.net

over 6 years ago

In reply to: PG Bug reporting form (#1)

Re: Description of Authentication Methods Supported for Map is Misleading

On Fri, Dec 6, 2019 at 10:13 AM PG Doc comments form <noreply@postgresql.org>
wrote:

The following documentation comment has been logged on the website:

Page: https://www.postgresql.org/docs/10/auth-pg-hba-conf.html
Description:

"This option is supported for all authentication methods that receive
external user names."

More properly, the authentication methods supported are: ident, peer,
gassapi, sspi, and cert.

LDAP is not supported and attempting to use map with LDAP provides the
following error:
'authentication option ""map"" is only valid for authentication methods
ident, peer, gssapi, sspi, and cert'

This is correct. LDAP authentication does not receive external usernames.
It uses an external service to validate the password, but it gets the
username from the client.

--
Magnus Hagander
Me: https://www.hagander.net/ <http://www.hagander.net/>
Work: https://www.redpill-linpro.com/ <http://www.redpill-linpro.com/>