Re: localhost connects, same code on other host fails - Mailing list pgsql-novice

From Reshat Sabiq
Subject Re: localhost connects, same code on other host fails
Date
Msg-id 000501c2c4dc$7ecf01a0$b580d380@main
Whole thread Raw
In response to Re: localhost connects, same code on other host fails  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-novice
I've been running the web app on port 8080 all this time. Only now the
conf files were updated as follows:
host    all    xxx.yy.zzz.vv  255.255.255.255  ident    newmode

newmode     root     username

where xxx.yy.zzz.vv is external IP of localhost.

I'm still getting an exception when connecting from the web ap on port
80, however:

2003-01-25 14:49:44 A connection error has occurred: FATAL 1:  IDENT
authentication failed for user "username"
        at
org.postgresql.jdbc1.AbstractJdbc1Connection.openConnection(AbstractJdbc
1Connection.java:202)
        at org.postgresql.Driver.connect(Driver.java:122)

What happens apparently is that the server runs as root, so my web app
on port 80 also runs as root, and it tries to connect as root.

These additions are now pending authorization:
local        all                                           ident
newmode
host         all         127.0.0.1     255.0.0.0           ident
newmode

I'd appreciate any further suggestions. The web app runs just fine on
port 8080, when server runs as "username".

P.S. The server runs as root, and that is not likely to change. It
appears that IDENT is functioning, but how could that be checked other
than the message above?

Sincerely,
r.

-----Original Message-----
From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
Sent: Wednesday, January 01, 2003 2:31 PM
To: Reshat Sabiq
Cc: pgsql-novice@postgresql.org
Subject: Re: [NOVICE] localhost connects, same code on other host fails

"Reshat Sabiq" <sabiq@purdue.edu> writes:
> P.P.P.S. The localhost-based app is running as myself on port 8080,
> whereas the non-localhost-based app is running as root on port 80.

Well, then IDENT is going to reject the connection, because the actual
Unix login name on the client side doesn't match the postgres username
you're trying to use.  (There's also theory B: you don't have a working
IDENT service on the client machine at all.)

Since I cannot imagine any good reason for running a client as root when
it doesn't absolutely have to be root, my advice is to use a saner login
setup on the client: viz, run the app as postgres, or whatever userid
you want it to be for postgres purposes.  Otherwise, use some different
authentication setup than "ident sameuser".

            regards, tom lane


pgsql-novice by date:

Previous
From: Aarni Ruuhimäki
Date:
Subject: Re: Altering Column Date Types
Next
From: Jens Østergaard Petersen
Date:
Subject: collation