Collected from the PG bugs email list.
|Reported by||Yudhveer Kandukuri|
Body of first available message related to this bug follows.
The following bug has been logged on the website: Bug reference: 16079 Logged by: Yudhveer Kandukuri Email address: (redacted) PostgreSQL version: 10.10 Operating system: UBUNTU Description: As your team mentioned that LDAP process is not secured compared to the GSSAPI authentication. Can you clarify me this question, whenever the client provide his credentials to connect to the PostgreSQL server it will authenticated against the LDAP Server and then LDAP will direct the client connecttion to the Postgrers server. But the user credentials will not be sent to Postgresql server to authenticate. Because your team mentioned this statement " it's much more secure than using LDAP-based auth and avoids the user's password being sent to the PostgreSQL server (where it could be compromised if the PGprocess is compromised)." I am having user defined in the LDAP server with all the credentails and also same user in the postgres server.
|2019-10-25 23:16:25+00||PG Bug reporting form||BUG #16079: Question Regarding the BUG #16064|
|2019-10-28 15:47:54+00||Stephen Frost||Re: BUG #16079: Question Regarding the BUG #16064|
|2019-11-15 04:41:12+00||Thomas Munro||Re: BUG #16079: Question Regarding the BUG #16064|
|2019-11-16 13:29:58+00||Magnus Hagander||Re: BUG #16079: Question Regarding the BUG #16064|
|2019-12-03 19:58:12+00||Stephen Frost||Re: BUG #16079: Question Regarding the BUG #16064|
|2019-12-03 20:10:02+00||Stephen Frost||Re: BUG #16079: Question Regarding the BUG #16064|