[pgpool-general: 8898] Re: pgpool forwarding database users/passwords
Bo Peng
pengbo at sraoss.co.jp
Wed Aug 2 11:45:25 JST 2023
Hi,
> How could I configure pgpool to "forward" username/password provided by
> client to postgresql? Is there a way to not use pool_passwd file?
You can avoid maintaining pool_passwd by setting "allow_clear_text_frontend_auth = on".
However, it is not recommended for production environments for security reasons.
If you don't want to maintain pool_passwd,
it is recommended to set "enable_pool_hba = on" and use hostssl and "password" method
in pool_hba.conf so that clients are enforced to use SSL encryption.
Please refer to the documentation for more details:
https://www.pgpool.net/docs/latest/en/html/auth-methods.html#AUTH-PASSWORD
On Tue, 1 Aug 2023 14:03:44 +0200
Tan Mientras <tanimientras at gmail.com> wrote:
> Hi
>
> Newbie here dealing with a minimal 3-node pgpool cluster (using bitnami
> docker image).
>
> On my first test after succesfully setting up the cluter, client complains
> with "pool_passwd file does not contain an entry for 'dbusername'"
>
> After reading
> https://www.pgpool.net/docs/pgpool-II-4.4.3/en/html/client-authentication.html
> I'm still unable to understand if pgpool can forward the credentials to
> postgresql or if it always act as a "man in the middle" and uses their own
> credentials to query the db.
>
> How could I configure pgpool to "forward" username/password provided by
> client to postgresql? Is there a way to not use pool_passwd file?
>
> Thanks in advance
> Regards.
--
Bo Peng <pengbo at sraoss.co.jp>
SRA OSS LLC
TEL: 03-5979-2701 FAX: 03-5979-2702
URL: https://www.sraoss.co.jp/
More information about the pgpool-general
mailing list