[pgpool-general: 6627] Re: pgpool Authentication
Tatsuo Ishii
ishii at sraoss.co.jp
Tue Jul 9 15:47:15 JST 2019
> Regarding pgpool authentication (pgpool 4.2)
There's no such a version "4.2". You mean 4.0?
> Configuration are
>
> pgpool.conf
> enable_pool_hba = on
>
> pool_hba.conf
> host all all all md5
> local all all md5
What is your pg_hba.conf?
> pool_passwd
> postgres: "someValue"
> mpspostgres: "someValue"
>
> When i tried to connection to pgpool (with password as "someValue")
> psql -U mpsroot -p 5432 -h 192.168.1.233 mpsdb
>
> Que 1 :I am successfully able to connection even though password for
> mpsroot user is not present in pool_passwd file and axxording to
>
> https://pgpool.net/mediawiki/index.php/FAQ#I_created_pool_hba.conf_and_pool_passwd_to_enable_md5_authentication_through_pgpool-II_but_it_does_not_work._Why.3F
> Auth should fail
Probably you are of the pattern in the FAQ above.
pg_hba.conf pool_hba.conf pool_passwd result
------------------------------------------------------
trust md5 yes no auth
If not, please share pg_hba.conf.
> Que 2: In pgpool authentication, between client to pgpool and pgpool to
> backend DB Why both password have to be same .
By design.
> Que 3: From client when i give a password in connection string , is same
> password use for authenticating the client at pgpool and authentication the
> client at backend DB
Yes.
> Que 3: what if we want authentication at back-end (DB) node only , not at
> pgpool
> In that case pgpool send a password from pool_passswd file or whatever the
> password client passes in connection string
See "allow_clear_text_frontend_auth" in:
http://www.pgpool.net/docs/latest/en/html/runtime-config-connection.html#RUNTIME-CONFIG-AUTHENTICATION-SETTINGS
> Que 4: If DB has authentication on, do we need a authentication at pgpool
> level.
It's up to you.
> Que5 : In case we only enable authentication at DB not at pgpool, for
> cached connection from pgpool to DB , do client still need to authorized.
Yes.
Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
More information about the pgpool-general
mailing list