Re: Authorization problem - Mailing list pgsql-admin
| From | Pedro Fonseca |
|---|---|
| Subject | Re: Authorization problem |
| Date | |
| Msg-id | 9pfbvv$15vu$1@news.tht.net Whole thread Raw |
| In response to | Re: Authorization problem (Manuel Trujillo <manueltrujillo@dorna.es>) |
| Responses |
Re: Authorization problem
(Tom Lane <tgl@sss.pgh.pa.us>)
Re: Authorization problem (hodges@xprt.net) |
| List | pgsql-admin |
Hi Manuel! Yo no hablo el espa�ol mui bien... :) Your suggestion is just fine, but that way the authentication will be password based! And I don't want that... The same for Felipe's suggestion! In short: I'd like this database accessible only by *one* PostgreSQL user (instead of all), I don't want this user to have to authenticate through a password and I don't want to use TCP/IP. I think that the AUTHTYPE ident (in pg_hba.conf) is just fine for this case, together with a corresponding map, but that can only be used for TCP/IP connections... Any more suggestions? I mean, this is possible, right? -- ______________________________________________________________________ Pedro Fonseca (pedro.fonseca@iscte.pt) Mob.: (+351)964598357 http://www.pedrofonseca.com ADETTI/ISCTE (Instituto Superior de Ci�ncias do Trabalho e da Empresa) "Manuel Trujillo" <manueltrujillo@dorna.es> wrote in message news:20011003161206.A560@klingon.dorna.es... > On Wed, Oct 03, 2001 at 02:17:15PM +0100, Pedro Fonseca wrote: > > > I have 2 PostgreSQL users created. I'd like access to a database restricted > > only to one of these users. As it is, in pg_hba.conf, any PostgreSQL user > > can connect locally to any database whatsoever: > > > > # TYPE DATABASE IP_ADDRESS MASK AUTHTYPE MAP > > local all trust > > host all 127.0.0.1 255.255.255.255 trust > > > > I have TCP/IP based connections disabled. What I would like would be > > something like: > > > > # TYPE DATABASE IP_ADDRESS MASK AUTHTYPE MAP > > local test_db ident test_db_map > > > > The problem is that the ident AUTHTYPE can only be used for TCP/IP > > connections. How do I tell PostgreSQL that I only want to allow > > postgres_user_1 to connect to test_db, and not every user? And how do I do > > this without using passwords and TCP/IP connections? > > > I think the solution is: > 1- create a passwd file for this database (test_db_passwd, for example), with pg_passwd test_db_passwd, and put here with pg_passwd the user's needed. > 2- put this in your pg_hba.conf: > # TYPE DATABASE IP_ADDRESS MASK AUTHTYPE MAP > local test_db password test_db_passwd test_db_map > > I'm very "newbie" in postgresql, but I think this can solve your problem. > > Sorry for my bad english, if you speak spanish, you can write to me directly.
pgsql-admin by date: