Authentication & Authorization

LDAP

The LDAP method of authentication is useful in situations when there are a large numbers of users and passwords must be managed from a central location. In this scenario, the security configuration file pg_hba.conf (postgres host-based access) restricts access based on user name, database, and source IP (if the user is connecting via TCP/IP.) This has the advantage of keeping the pg_hba.conf file small(er) and more manageable, and gives users a "unified password experience" across the infrastructure. RADIUS is another option supprted by EDB Postgres Advanced Server for larger numbers of users.

Resources

  • coming soon

 

 

 


Resources

  • coming soon

 

 

Active Directory

COMING SOON

 

 

 

 


Kerberos Integration 

The GSSAPI (Generic Security Services API) is an industry-standard protocol for secure enterprise level authentication and authorization models, such as Kerberos (and LDAP). EDB Postgres Advanced Server supports Kerberos, a secure authentication system suitable for distributed computing over a public network. Kerberos provides secure authentication with secret-key cryptography.

Resources

  • Coming soon.