Thread: Requiring a password

On 06/03/2008, Ralph Smith <smithrn@washington.edu> wrote:
> I guess I'm missing something.
>
> Question part A)
>
> Even after reloading and restarting the DB, which shouldn't be necessary,
> smithrn still gets in w/o any password checks.
> How come?
Impossible to answer w/o knowing any entries in your pg_hba.conf


> Question part B)
>
> I have SSL on, and all the client boxes also have it.
> If I change HBA, how will / would I change my login?
> As it is now, a particular user connects to a particular DB w/o any password
> prompt.
> e.g.:  psql -U username dbname
To the best of my knowledge the authentication shouldn't
be affected by the transport ...


> Thank you!
>
>
> Ralph Smith
Cheers,
Andrej


--
Please don't top post, and don't use HTML e-Mail :}  Make your quotes concise.

http://www.american.edu/econ/notes/htmlmail.htm

"Andrej Ricnik-Bay" <andrej.groups@gmail.com> writes:
> On 06/03/2008, Ralph Smith <smithrn@washington.edu> wrote:
>> Even after reloading and restarting the DB, which shouldn't be necessary,
>> smithrn still gets in w/o any password checks.
>> How come?

> Impossible to answer w/o knowing any entries in your pg_hba.conf

I think the OP expects the act of assigning a password to a particular
role to be enough to cause password authentication to be used.  It's
not: you have to make sure that pg_hba.conf specifies that auth method.

            regards, tom lane