[pgpool-general: 6185] Unexpected behavior for Pgpool MD5 authentication against LDAP secured PostgreSQL

[Andre Piwoni]

I have setup PostgreSQL with LDAP against AD with Pgpool still configured
to use MD5 authentication until I figure out PAM with LDAP configuration
and I see unexpected results.

When I try to login to "ldap" database via Pgpool using my database
password for MD5 authentication I get expected failure because this
password does not match my LDAP(AD) pssword.
 DETAIL:  LDAP authentication failed for user "***"

When I try to login to "ldap" database via Pgpool using my AD password I
get through PgPool even though this password does not match MD5
authentication on PgPool as configured in password file. Why Pgpool let's
me through with password that does not match it's authentication scheme?

Here's config:

Pgpool
hostssl    all         all         0.0.0.0/0          md5
hostssl    all         all         ::/0               md5

PostgreSQL
hostssl ldap all 0.0.0.0/0 ldap ldapserver=*** ldapprefix="***"
ldapsuffix="***"
hostssl ldap all ::/0 ldap ldapserver=*** ldapprefix="***" ldapsuffix="***"
hostssl kerberos all 0.0.0.0/0 gss include_realm=0 krb_realm=***
hostssl kerberos all ::/0 gss include_realm=0 krb_realm=***
hostssl all all 0.0.0.0/0 md5
hostssl all all ::/0 md5

Thank you,

*Andre Piwoni*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.sraoss.jp/pipermail/pgpool-general/attachments/20180807/051afccd/attachment.html>