Hello,
I have a problem when I am using gss map. I want to map the user xxx@company.com to db role company_com_xxx
here is my pa_hba.conf:
=================
# TYPE DATABASE USER ADDRESS METHOD
host all all all gss include_realm=1 map=mymap
here is the pg_ident.conf
=================
# MAPNAME SYSTEM-USERNAME PG-USERNAME
mymap /(.*)@COMPANY.COM company_com_\1
However, it doesn't work, I got error message
=================
LOG: no match in usermap "mymap" for user "xxx" authenticated as "xxx@COMPANY.COM"
FATAL: GSSAPI authentication failed for user "xxx"
DETAIL: Connection matched pg_hba.conf line 88: "host all all all gss include_realm=1 map=mymap"
but if I changed the map to
=================
# MAPNAME SYSTEM-USERNAME PG-USERNAME
mymap /(.*)@COMPANY.COM \1
then I can login, I have created role xxx and company_com_xxx in db side. even if I hard code the username in the mapping like
=================
# MAPNAME SYSTEM-USERNAME PG-USERNAME
mymap /(.*)@COMPANY.COM company_com_xxx
it still doesn't work. any idea?
Thanks in advance!
James