upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-02-10 22:33:50 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/backend
History
Stephen Frost 3d4fa227bc Add support for Kerberos credential delegation 
Support GSSAPI/Kerberos credentials being delegated to the server by a
client.  With this, a user authenticating to PostgreSQL using Kerberos
(GSSAPI) credentials can choose to delegate their credentials to the
PostgreSQL server (which can choose to accept them, or not), allowing
the server to then use those delegated credentials to connect to
another service, such as with postgres_fdw or dblink or theoretically
any other service which is able to be authenticated using Kerberos.

Both postgres_fdw and dblink are changed to allow non-superuser
password-less connections but only when GSSAPI credentials have been
delegated to the server by the client and GSSAPI is used to
authenticate to the remote system.

Authors: Stephen Frost, Peifeng Qiu
Reviewed-By: David Christensen
Discussion: https://postgr.es/m/CO1PR05MB8023CC2CB575E0FAAD7DF4F8A8E29@CO1PR05MB8023.namprd05.prod.outlook.com
2023-04-07 21:58:04 -04:00
..
access Show more detail in nbtree rmgr descriptions. 2023-04-07 16:46:23 -07:00
archive Redesign archive modules 2023-02-17 14:26:42 +09:00
backup Support long distance matching for zstd compression 2023-04-06 17:18:42 +02:00
bootstrap Fix CREATE INDEX progress reporting for multi-level partitioning. 2023-03-25 15:34:03 -04:00
catalog Add support for Kerberos credential delegation 2023-04-07 21:58:04 -04:00
commands Catalog NOT NULL constraints 2023-04-07 19:59:57 +02:00
executor Fix row tracking in pg_stat_statements with extended query protocol 2023-04-06 09:29:03 +09:00
foreign Add support for Kerberos credential delegation 2023-04-07 21:58:04 -04:00
jit SQL/JSON: support the IS JSON predicate 2023-03-31 22:34:04 +02:00
lib Fix ILIST_DEBUG build 2023-01-18 10:26:15 -08:00
libpq Add support for Kerberos credential delegation 2023-04-07 21:58:04 -04:00
main Mark options as deprecated in usage output 2023-03-02 14:36:37 +01:00
nodes Catalog NOT NULL constraints 2023-04-07 19:59:57 +02:00
optimizer Catalog NOT NULL constraints 2023-04-07 19:59:57 +02:00
parser Catalog NOT NULL constraints 2023-04-07 19:59:57 +02:00
partitioning Add SysCacheGetAttrNotNull for guaranteed not-null attrs 2023-03-25 22:49:33 +01:00
po meson: add install-{quiet, world} targets 2023-03-23 21:20:18 -07:00
port Update copyright for 2023 2023-01-02 15:00:37 -05:00
postmaster Add VACUUM/ANALYZE BUFFER_USAGE_LIMIT option 2023-04-07 11:40:31 +12:00
regex Refactor to introduce pg_locale_deterministic(). 2023-02-23 11:17:41 -08:00
replication Add a run_as_owner option to subscriptions. 2023-04-04 12:03:03 -04:00
rewrite Fix more bugs caused by adding columns to the end of a view. 2023-03-07 18:21:53 -05:00
snowball Update copyright for 2023 2023-01-02 15:00:37 -05:00
statistics Add SysCacheGetAttrNotNull for guaranteed not-null attrs 2023-03-25 22:49:33 +01:00
storage Track IO times in pg_stat_io 2023-04-07 17:04:56 -07:00
tcop When using valgrind, log the current query after an error is detected. 2023-04-03 10:18:38 -04:00
tsearch Fix ts_headline() edge cases for empty query and empty search text. 2023-04-06 15:52:44 -04:00
utils Add support for Kerberos credential delegation 2023-04-07 21:58:04 -04:00
.gitignore Add .gitignore entries for AIX-specific intermediate build artifacts. 2015-07-08 20:44:22 -04:00
common.mk Blind attempt to fix LLVM dependency in the backend 2022-09-15 10:53:48 +07:00
Makefile Redesign archive modules 2023-02-17 14:26:42 +09:00
meson.build meson: Prevent installation of test files during main install 2023-03-03 07:45:52 +01:00
nls.mk NLS: Put list of available languages into LINGUAS files 2022-07-13 08:19:17 +02:00