Re: Future of krb5 authentication

* Magnus Hagander (magnus@hagander.net) wrote:
> Stephen Frost wrote:
> > * Magnus Hagander (magnus@hagander.net) wrote:
> >> Certainly not "just minor adjustments", since we need to do dynamic
> >> loading and checking for the functions. That's the big one, which will
> >
> > If we're supporting krb5 anyway, and shipping the bits that go along
> > with that, do we need to do dynamic loading and function checking?
>
> Eh, good point. I got confused, it seems :-) Scratch that, then - we're
> back to finding a good way to specify it.

Honestly, for now I'm happy w/ it being a connectionstring option.  It
seems the most appropriate place for it to go.  That does mean that
applications may need to be modified to support gssapi (where they might
not have to be for sspi since it's the default), but since we're going
to keep krb5 support around for a bit there's time for those
applications to catch up without breaking things explicitly for people
migrating to 8.3.

I'd also use that as an opportunity to encourage applications to expose
the connectionstring to users as there may be things like this in the
future where it's purely a library thing and the application doesn't
have to know about it- except for the connectionstring.
Thanks,
    Stephen