[pgpool-general: 1488] Re: pgpool and md5 auth

Lazaro Ruben Garcia Martinez lgarciam at uci.cu
Fri Mar 15 00:05:37 JST 2013


Could you install the most stable release of 3.2 series, 3.2.3, because this realease has some bugs fixed. 

Enabled the debug mode in the pgpool.conf. 

start pgpool like this: pgpool -a pool_hba_file -d -f pgpool_config_file 

In debug mode you should see any kind of information about the autentication process. 

In any moments I had been the same problem but it was related with the configuration access (chmod and shown comands) over the pool_hba.conf and pool_password file. 

Another reasons, If you have 2 pg servers or more, each server need to has the same autentication configuration . 

Regards. 

Sorry for my poor english. 

----- Mensaje original -----

> Pgpool log say everything ok, that's seems weird because md5 crypt is
> wrong so i cant' understand why it's working in this case. I feel a
> huge mistake from myself but i can't see where .

> Pgpool connection vs pg server is ok (everything work well with pg
> client).

> Regards.

> > ----- Original Message -----
> 
> > From: Lazaro Ruben Garcia Martinez
> 
> > Sent: 03/14/13 03:27 PM
> 
> > To: uruvela of india
> 
> > Subject: Re: [pgpool-general: 1485] pgpool and md5 auth
> 

> > What says pgpool log file?
> 

> > Regards.
> 

> > Would you try to connect to pg server from pgpool machine, but only
> > from pgpool machine for testing is the pg service could accept
> > connections from this machine??
> 

> > Regards.
> 
> > ----- Mensaje original -----
> 

> > > Hi,
> > 
> 

> > > I'm looking for some help with MD5 authentification in pgpool.
> > 
> 

> > > 1st :
> > 
> 

> > > pgpool-II version 3.2.2 (namameboshi)
> > 
> 
> > > PG 9.2.3
> > 
> 

> > > * On PG server : I create a toto role with encrypted password,
> > > and
> > > add this line in pg_hba.conf :
> > 
> 
> > > host mydb toto my_pgpool_ip/32 md5
> > 
> 

> > > Restarting PG.
> > 
> 

> > > * On pgpool server :
> > 
> 

> > > pgpool.conf :
> > 
> 

> > > enable_pool_hba = on
> > 
> 
> > > pool_passwd = 'pool_passwd'
> > 
> 

> > > Create toto md5 password in pool_passwd :
> > 
> 

> > > toto:md5cb926329843e9a8f3eb15e0a2a5c9851
> > 
> 

> > > Checking same thing in PG in pg_authid :
> > 
> 

> > > | toto | md5cb926329843e9a8f3eb15e0a2a5c9851 |
> > 
> 

> > > pool_hba.conf :
> > 
> 

> > > add this line : local mydb toto md5
> > 
> 

> > > 2nd :
> > 
> 

> > > Starting pgpool.
> > 
> 

> > > Using perl script dbi.pl to test on pgpool server :
> > 
> 

> > > use DBI;
> > 
> 
> > > $DB_name = 'mydb';
> > 
> 
> > > $DB_user = 'toto';
> > 
> 
> > > $DB_pwd = 'mypassword';
> > 
> 
> > > $dbh =
> > > DBI->connect("dbi:Pg:dbname=$DB_name","$DB_user","$DB_pwd");
> > 
> 
> > > if ( !defined $dbh ) { die "Cannot connect to database!\n"; }
> > 
> 
> > > $sth = $dbh->prepare("SELECT * FROM pg_user");
> > 
> 
> > > $sth->execute();
> > 
> 
> > > while ( ($id,$name) = $sth->fetchrow_array() ) { print "$id\t\t
> > > $name
> > > \n";
> > 
> 
> > > }
> > 
> 
> > > $sth->finish();
> > 
> 
> > > $dbh->disconnect();
> > 
> 

> > > 1st launch : working
> > 
> 

> > > 2nd launch : changing md5 to reject in pool_hba.conf (restarting
> > > pgpool) : DBI connect('dbname=mydb','toto',...) failed: ERROR: no
> > > pool_hba.conf entry for host "[local]", user "toto", database
> > > "mydb"
> > > at dbi.pl line 5
> > 
> 

> > > 3rd launch : back to md5 in pool_hba.conf and changing toto by
> > > tito
> > > in pool_passwd (restarting pgpool) : DBI
> > > connect('dbname=mydb','toto',...) failed: ERROR: "MD5"
> > > authentication with pgpool failed for user "toto" at dbi.pl line
> > > 5
> > 
> 

> > > 4th launch : back to toto vs tito in pool_passwd and deleted
> > > everything after md5 (now pool_passwd is like this 'toto:md5') +
> > > restarting pgpool : working.
> > 
> 

> > > I miss something i'm sure :) but why it's working in 4th try ?
> > > It's
> > > seems only PG server do it's authentification job's.
> > 
> 
> > > _______________________________________________
> > 
> 
> > > pgpool-general mailing list
> > 
> 
> > > pgpool-general at pgpool.net
> > 
> 
> > > http://www.pgpool.net/mailman/listinfo/pgpool-general
> > 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.sraoss.jp/pipermail/pgpool-general/attachments/20130314/397f664b/attachment-0001.html>


More information about the pgpool-general mailing list