[pgpool-general: 8902] Re: pgpool forwarding database users/passwords

Bo Peng pengbo at sraoss.co.jp
Wed Aug 2 17:45:07 JST 2023 

hi,

> on my pool_hba.conf doesnt work as expected and still complains in logs for
> pool_password file not containing dbusername.

Did you get the error when your application connects to pgpool or 
when you connect to pgpool using psql?

As you mentioned you are using bitnami docker image.
Sorry, I am not familiar with bitnami docker image.
Please make sure the setting was updated.

On Wed, 2 Aug 2023 10:29:29 +0200
Tan Mientras <tanimientras at gmail.com> wrote:

> yes
> 
> On Wed, Aug 2, 2023 at 10:12 AM Bo Peng <pengbo at sraoss.co.jp> wrote:
> 
> > Hi,
> >
> > Did you enable "enable_pool_hba" in pgpool.conf?
> >
> >   enable_pool_hba = on
> >
> > On Wed, 2 Aug 2023 08:39:15 +0200
> > Tan Mientras <tanimientras at gmail.com> wrote:
> >
> > > Using
> > >
> > > host all all 192.162.122.0/24 password
> > >
> > > on my pool_hba.conf doesnt work as expected and still complains in logs
> > for
> > > pool_password file not containing dbusername.
> > >
> > > On Wed, Aug 2, 2023 at 4:45 AM Bo Peng <pengbo at sraoss.co.jp> wrote:
> > >
> > > > Hi,
> > > >
> > > > > How could I configure pgpool to "forward" username/password provided
> > by
> > > > > client to postgresql? Is there a way to not use pool_passwd file?
> > > >
> > > > You can avoid maintaining pool_passwd by setting
> > > > "allow_clear_text_frontend_auth = on".
> > > > However, it is not recommended for production environments for security
> > > > reasons.
> > > >
> > > > If you don't want to maintain pool_passwd,
> > > > it is recommended to set "enable_pool_hba = on" and use hostssl and
> > > > "password" method
> > > > in pool_hba.conf so that clients are enforced to use SSL encryption.
> > > >
> > > > Please refer to the documentation for more details:
> > > >
> > https://www.pgpool.net/docs/latest/en/html/auth-methods.html#AUTH-PASSWORD
> > > >
> > > > On Tue, 1 Aug 2023 14:03:44 +0200
> > > > Tan Mientras <tanimientras at gmail.com> wrote:
> > > >
> > > > > Hi
> > > > >
> > > > > Newbie here dealing with a minimal 3-node pgpool cluster (using
> > bitnami
> > > > > docker image).
> > > > >
> > > > > On my first test after succesfully setting up the cluter, client
> > > > complains
> > > > > with "pool_passwd file does not contain an entry for 'dbusername'"
> > > > >
> > > > > After reading
> > > > >
> > > >
> > https://www.pgpool.net/docs/pgpool-II-4.4.3/en/html/client-authentication.html
> > > > > I'm still unable to understand if pgpool can forward the credentials
> > to
> > > > > postgresql or if it always act as a "man in the middle" and uses
> > their
> > > > own
> > > > > credentials to query the db.
> > > > >
> > > > > How could I configure pgpool to "forward" username/password provided
> > by
> > > > > client to postgresql? Is there a way to not use pool_passwd file?
> > > > >
> > > > > Thanks in advance
> > > > > Regards.
> > > >
> > > >
> > > > --
> > > > Bo Peng <pengbo at sraoss.co.jp>
> > > > SRA OSS LLC
> > > > TEL: 03-5979-2701 FAX: 03-5979-2702
> > > > URL: https://www.sraoss.co.jp/
> > > >
> >
> >
> > --
> > Bo Peng <pengbo at sraoss.co.jp>
> > SRA OSS LLC
> > TEL: 03-5979-2701 FAX: 03-5979-2702
> > URL: https://www.sraoss.co.jp/
> >


-- 
Bo Peng <pengbo at sraoss.co.jp>
SRA OSS LLC
TEL: 03-5979-2701 FAX: 03-5979-2702
URL: https://www.sraoss.co.jp/

More information about the pgpool-general mailing list