Re: phpPgAdmin + PostgreSQL + authentication - Mailing list pgsql-general
From | Robert Treat |
---|---|
Subject | Re: phpPgAdmin + PostgreSQL + authentication |
Date | |
Msg-id | 1034100177.7593.16.camel@camel Whole thread Raw |
In response to | phpPgAdmin + PostgreSQL + authentication ("Johnson, Shaunn" <SJohnson6@bcbsm.com>) |
List | pgsql-general |
I've used phpPgAdmin before. My guess is that your failing because postgresql is expecting an md5'd password to authenticate with, and phpPgAdmin is passing in an unencrypted password. On a related note, setting phpPgAdmin to advanced authentication mode, it will rely on the information in pg_shadow. Robert Treat On Tue, 2002-10-08 at 12:21, Johnson, Shaunn wrote: > Howdy: > > Not sure if this the most likely of maillists to ask, > but is anyone using phpPgAdmin? I have a few questions > regarding authentication of username / passwords. > > I'm running PostgreSQL 7.2.1 on RedHat Linux 7.2 kernel 2.4.7-10. > I have phpPgAdmin 2.4.2 installed. > > Basically, I want to know: how to configure phpPgAdmin to > allow all the users that exist in pg_shadow to log in and > be authenticated? > > In my pg_hba.conf, I have this: > > [snip conf file] > > # TYPE DATABASE IP_ADDRESS MASK AUTH_TYPE > AUTH_ARGUMENT > local all trust > host all 127.0.0.1 255.255.255.255 md5 > host all 16.x.x.1 255.0.0.0 md5 > host all 192.168.0.0 255.255.255.0 md5 > > [/snip conf file] > > In the config.inc.php, I have this: > > [snip php conf] > > > // The $cfgServers array starts with $cfgServers[1]. Do not use > $cfgServers[0]. > // You can disable a server config entry by setting host to ''. > $cfgServers[1]['local'] = false; > $cfgServers[1]['host'] = 'test.localserver.net'; > $cfgServers[1]['port'] = '5432'; > $cfgServers[1]['adv_auth'] = true; > > $cfgServers[1]['user'] = ''; // if you are not using > adv_auth, > // enter the > username to connect all the time > $cfgServers[1]['password'] = ''; // if you are not using adv_auth > and > // a password is > required enter a password > $cfgServers[1]['only_db'] = ''; // if set to a db-name, only > this db is accessible > > > [/snip php conf] > > As I understand it, shouldn't this allow any user with TCP connection > to access the database? I suppose I am trying to understand if > adv_auth even uses pg_shadow at all, or, does 'local' means that > no authentication is needed, anyone can log in. > > The only thing that happens at the index.php page is when I log > in, I get "Wrong username/password. Access denied". > > I mean, if I can access the database via command line (psql -U joe -d > testdb) > without needing to authenticate myself, shouldn't that mean that > phpPgAdmin > allows the same thing? Otherwise, I should be able to use what's in > pg_shadow, right? > > I am re-reading the documentation page. Any info / direction is > appreciated. > > Thanks! > > -X >
pgsql-general by date: