[pgpool-general: 1489] Re: pgpool and md5 auth

uruvela of india uruvela at email.com
Fri Mar 15 00:27:52 JST 2013


I m looking to install last stable version .

example of my log in debug mode :

 loading "/etc/pgpool2/pool_hba.conf" for client authentication configuration file
 pgpool-II successfully started. version 3.2.2 (namameboshi)
...
 Protocol Major: 3 Minor: 0 database: mydb user: toto
 new_connection: connecting 0 backend
 pool_ssl: SSL requested but SSL support is not available
 pool_read_message_length: slot: 0 length: 12
 pool_do_auth: auth kind:5
 trying md5 authentication
: DB node id: 0 salt: 657c38
 pool_read_message_length2: master slot: 0 length: 22
 0 th backend: name: application_name value:
pool_read_message_length2: master slot: 0 length: 25
 0 th backend: name: client_encoding value: UTF8
 pool_read_message_length2: master slot: 0 length: 23
 0 th backend: name: DateStyle value: ISO, DMY
 pool_read_message_length2: master slot: 0 length: 25
0 th backend: name: integer_datetimes value: on
 pool_read_message_length2: master slot: 0 length: 27
0 th backend: name: IntervalStyle value: postgres
pool_read_message_length2: master slot: 0 length: 21
 0 th backend: name: is_superuser value: off
 pool_read_message_length2: master slot: 0 length: 25
 0 th backend: name: server_encoding value: UTF8
 pool_read_message_length2: master slot: 0 length: 25
 0 th backend: name: server_version value: 9.2.3
 pool_read_message_length2: master slot: 0 length: 31
 0 th backend: name: session_authorization value: toto
 pool_read_message_length2: master slot: 0 length: 36
 0 th backend: name: standard_conforming_strings value: off
pool_read_message_length2: master slot: 0 length: 17
 0 th backend: name: TimeZone value: GMT
 pool_read_message_length: slot: 0 length: 12
 pool_do_auth: cp->info[i]:0x7fbc47d7c800 pid:29617
 pool_send_auth_ok: send pid 29617 to frontend
select_load_balancing_node: selected backend id is 0
 selected load balancing node: 0

----- Original Message -----
From: Lazaro Ruben Garcia Martinez
Sent: 03/14/13 04:05 PM
To: uruvela of india
Subject: Re: [pgpool-general: 1485] pgpool and md5 auth

Could you install the most stable release of 3.2 series, 3.2.3, because this realease has some bugs fixed.

Enabled the debug mode in the pgpool.conf.

start pgpool like this: pgpool -a pool_hba_file -d -f pgpool_config_file

In debug mode you should see any kind of information about the autentication process.

In any moments I had been the same problem but it was related with the configuration access (chmod and shown comands) over the pool_hba.conf and pool_password file.

Another reasons, If you have 2 pg servers or more, each server need to has the same autentication configuration.

Regards.

Sorry for my poor english.
-----------------------------------------------------------------
Pgpool log say everything ok, that's seems weird because md5 crypt is wrong so i cant' understand why it's working in this case. I feel a huge mistake from myself but i can't see where .

Pgpool connection vs pg server is ok (everything work well with pg client).

Regards.
----- Original Message -----
From: Lazaro Ruben Garcia Martinez
Sent: 03/14/13 03:27 PM
To: uruvela of india
Subject: Re: [pgpool-general: 1485] pgpool and md5 auth

What says pgpool log file?

Regards.

Would you try to connect to pg server from pgpool machine, but only from pgpool machine for testing is the pg service could accept connections from this machine??

Regards.
-----------------------------------------------------------------

Hi,

I'm looking for some help with MD5 authentification in pgpool.

1st :

pgpool-II version 3.2.2 (namameboshi)
PG 9.2.3

* On PG server : I create a toto role with encrypted password, and add this line in pg_hba.conf :
host mydb toto my_pgpool_ip/32 md5

Restarting PG.


* On pgpool server :

pgpool.conf :

enable_pool_hba = on 
pool_passwd = 'pool_passwd'

Create toto md5 password in pool_passwd :

toto:md5cb926329843e9a8f3eb15e0a2a5c9851

Checking same thing in PG in pg_authid :

| toto | md5cb926329843e9a8f3eb15e0a2a5c9851 |

pool_hba.conf :

add this line : local mydb toto md5

2nd :

Starting pgpool.

Using perl script dbi.pl http://dbi.pl&lang=en  to test on pgpool server :

use DBI;
$DB_name = 'mydb';
$DB_user = 'toto';
$DB_pwd = 'mypassword';
$dbh = DBI->connect("dbi:Pg:dbname=$DB_name","$DB_user","$DB_pwd");
if ( !defined $dbh ) { die "Cannot connect to database!\n"; }
$sth = $dbh->prepare("SELECT * FROM pg_user");
$sth->execute();
while ( ($id,$name) = $sth->fetchrow_array() ) { print "$id\t\t $name \n";
}
$sth->finish();
$dbh->disconnect();


1st launch : working

2nd launch : changing md5 to reject in pool_hba.conf (restarting pgpool) : DBI connect('dbname=mydb','toto',...) failed: ERROR: no pool_hba.conf entry for host "[local]", user "toto", database "mydb" at dbi.pl http://dbi.pl&lang=en  line 5

3rd launch : back to md5 in pool_hba.conf and changing toto by tito in pool_passwd (restarting pgpool) : DBI connect('dbname=mydb','toto',...) failed: ERROR: "MD5" authentication with pgpool failed for user "toto" at dbi.pl http://dbi.pl&lang=en  line 5

4th launch : back to toto vs tito in pool_passwd and deleted everything after md5 (now pool_passwd is like this 'toto:md5') + restarting pgpool : working.


I miss something i'm sure :) but why it's working in 4th try ? It's seems only PG server do it's authentification job's.
_______________________________________________
pgpool-general mailing list
pgpool-general at pgpool.net
http://www.pgpool.net/mailman/listinfo/pgpool-general
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.sraoss.jp/pipermail/pgpool-general/attachments/20130314/5b4410e8/attachment.html>


More information about the pgpool-general mailing list