Thread: password authentication
Hi, I was wondering what the different methods of creating a password accomplish because I created a password for a test user using the command WITH PASSWORD. I tried testing to see if I could log on without a password, and it worked. Is there anything else I would need to do to activate the password authentication? Does the pg_hba.conf file have anything to do with this? If it does, and I only want to create a password for this one user, would I specify it in the pg_hba.conf file? Thanks. Phuong
Phuong, The pg_hba.conf has a lot to do with authentication. I strongly suggest you read through the internal documentation in the file itself, as well as the sections in the 7.1 docs. They explain the system very well. The shortcut to the answer is you probably are using "trust" authentication which means it doesn't check passwords at all. As I said, read the examples in the file and in the docs and I'm sure you will figure it out. Also remember that the FIRST authentication method that matches in the pg_hba.conf file is the one that is used for a given combination of DB, IP, MASK, auth method, etc. Tim Frank >>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<< On 19/04/01, 7:36:19 PM, pma@commandprompt.com (Phuong Ma) wrote regarding password authentication: > Hi, > I was wondering what the different methods of creating a password > accomplish because I created a password for a test user using the > command WITH PASSWORD. I tried testing to see if I could log on without > a password, and it worked. Is there anything else I would need to do to > activate the password authentication? Does the pg_hba.conf file have > anything to do with this? If it does, and I only want to create a > password for this one user, would I specify it in the pg_hba.conf file? > Thanks. > Phuong > ---------------------------(end of broadcast)--------------------------- > TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org
Phuong Ma wrote: >Hi, > > I was wondering what the different methods of creating a password >accomplish because I created a password for a test user using the >command WITH PASSWORD. I tried testing to see if I could log on without >a password, and it worked. Is there anything else I would need to do to >activate the password authentication? Does the pg_hba.conf file have >anything to do with this? If it does, and I only want to create a >password for this one user, would I specify it in the pg_hba.conf file? Use pg_hba.conf to turn on password checking. Checking is done if the connection method, database (and connection source for TCP/IP) match a line in pg_hba.conf that requires it. You cannot turn on checking per _user_. It's all users or none. -- Oliver Elphick Oliver.Elphick@lfix.co.uk Isle of Wight http://www.lfix.co.uk/oliver PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47 GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C ======================================== "For this reason I also suffer these things, but I am not ashamed; for I know whom I have believed, and am persuaded that He is able to keep that which I have committed unto him until that day." II Timothy 1:12