Re: Murtuza Zabuawala 2016-05-26 <CAKKotZRGMdH3omD3GdW3LwA-AYbm4qY3+BKpXpfQMj9LDsFvtg@mail.gmail.com>
> Hi,
>
> I have created a role using below sql, then I disconnected & try to login
> into postgres db with newly created user "test_role", It prompt for
> password and I pressed Enter key because I did not provided any password
> when I created role so it throw me an error as below *Error: fe_sendauth:
> no password supplied.*
>
> Can someone please explain this behaviour of postgreSQL database, where I'm
> not allowed to login without password even if I do not have password set
> for "test_role" user?
"Without password" doesn't mean "can log in without a password", but
rather "doesn't have a valid password". You will have to configure
pg_hba.conf to let you in by other means. (peer, trust, or the
oh-so-deprecated "ident".)
> The work around is I had to manually edit pg_hba conf and change
> authentication method to trust for this user so that i can login without
> password.
>
> And If that's how postgreSQL authentication works, then can we add a
> mechanism to disallow user to create role without password if running with
> md5 authentication mode?
No. There's legitimate uses for roles without passwords, e.g. roles
that act as user groups. (And there's no such thing as "running with
md5", as there's usually various authentication methods configured in
pg_hba.conf.)
Christoph
