Thread: using jboss with ident auth

using jboss with ident auth

From
eyal edri
Date:
Hi,

I'm trying to use postgres with ident auth and jboss.

here's my postgres files: 

pg_hba.conf:

# TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD

# "local" is for Unix domain socket connections only
local   all         all                                      ident map=vmap
# IPv4 local connections:
host    all         all         127.0.0.1/32          ident map=vmap
# IPv6 local connections:
host    all         all         ::1/128                   ident map=vmap


pg_ident.conf:

# MAPNAME     SYSTEM-USERNAME    PG-USERNAME
vmap postgres  postgres
vmap root    postgres

i've set the postres password to 'postgres' and updated the postres-ds.xml file under jboss:

<datasources>
        <local-tx-datasource>
                <jndi-name>DataSource</jndi-name>
                <connection-url>jdbc:postgresql://localhost:5432/dbname</connection-url>
                <driver-class>org.postgresql.Driver</driver-class>
                <user-name>postgres</user-name>
                <password>postgres</password>
                <max-pool-size>100</max-pool-size>
                <check-valid-connection-sql>select 1</check-valid-connection-sql>
        </local-tx-datasource>
</datasources>

when i try to run any command that uses the xml file for auth, it failes with: 

FATAL: Ident authentication failed for user "postgres"

when i use 'password' or 'md5' it works.


btw, i would have used password or md5 if there was a away to run psql commands with password unattended (without password prompt..).

any ideas?

thanks!! 

Re: using jboss with ident auth

From
Magnus Hagander
Date:

On Jun 2, 2011 4:16 PM, "eyal edri" <eyal.edri@gmail.com> wrote:
>
> Hi,
>
> I'm trying to use postgres with ident auth and jboss.
>
> here's my postgres files: 
>
> pg_hba.conf:
>
> # TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD
>
> # "local" is for Unix domain socket connections only
> local   all         all                                      ident map=vmap
> # IPv4 local connections:
> host    all         all         127.0.0.1/32          ident map=vmap
> # IPv6 local connections:
> host    all         all         ::1/128                   ident map=vmap
>
>
> pg_ident.conf:
>
> # MAPNAME     SYSTEM-USERNAME    PG-USERNAME
> vmap postgres  postgres
> vmap root    postgres
>
> i've set the postres password to 'postgres' and updated the postres-ds.xml file under jboss:
>
> <datasources>
>         <local-tx-datasource>
>                 <jndi-name>DataSource</jndi-name>
>                 <connection-url>jdbc:postgresql://localhost:5432/dbname</connection-url>
>                 <driver-class>org.postgresql.Driver</driver-class>
>                 <user-name>postgres</user-name>
>                 <password>postgres</password>
>                 <max-pool-size>100</max-pool-size>
>                 <check-valid-connection-sql>select 1</check-valid-connection-sql>
>         </local-tx-datasource>
> </datasources>
>
> when i try to run any command that uses the xml file for auth, it failes with: 
>
> FATAL: Ident authentication failed for user "postgres"
>
> when i use 'password' or 'md5' it works.
>
>
> btw, i would have used password or md5 if there was a away to run psql commands with password unattended (without password prompt..).
>
> any ideas?

Is there something in the PostgreSQL server logs when this happens? The client side error message will intentionally not contain al details of authentication problems.

Also, do you get anything in the logs of your Ident sever?

/Magnus

Re: using jboss with ident auth

From
Radosław Smogura
Date:
 On Mon, 6 Jun 2011 11:55:47 +0200, Magnus Hagander wrote:
> On Jun 2, 2011 4:16 PM, "eyal edri"  wrote:
>  >
>  > Hi,
>  >
>  > Im trying to use postgres with ident auth and jboss.
>  >
>  > heres my postgres files: 
>  >
>  > pg_hba.conf:
>  >
>  > # TYPE  DATABASE    USER        CIDR-ADDRESS        
>  METHOD
>  >
>  > # "local" is for Unix domain socket connections only
>  > local   all         all                          
>            ident map=vmap
>  > # IPv4 local connections:
>  > host    all         all         127.0.0.1/32 [2]      
>    ident map=vmap
>  > # IPv6 local connections:
>  > host    all         all         ::1/128            
>       ident map=vmap
>  >
>  >
>  > pg_ident.conf:
>  >
>  > # MAPNAME     SYSTEM-USERNAME    PG-USERNAME
>  > vmap postgres  postgres
>  > vmap root    postgres
>  >
>  > ive set the postres password to postgres and updated the
> postres-ds.xml file under jboss:
>  >
>  >
>  >        
>  >                 DataSource
>  >                 jdbc:postgresql://localhost:5432/dbname
>  >                 org.postgresql.Driver
>  >                 postgres
>  >                 postgres
>  >                 100
>  >                 select 1
>  >        
>  >
>  >
>  > when i try to run any command that uses the xml file for auth, it
> failes with: 
>  >
>  > FATAL: Ident authentication failed for user "postgres"
>  >
>  > when i use password or md5 it works.
>  >
>  >
>  > btw, i would have used password or md5 if there was a away to run
> psql commands with password unattended (without password prompt..).
>  >
>  > any ideas?
>
> Is there something in the PostgreSQL server logs when this happens?
> The client side error message will intentionally not contain al
> details of authentication problems.
>
> Also, do you get anything in the logs of your Ident sever?
>
> /Magnus
>
>
> Links:
> ------
> [1] mailto:eyal.edri@gmail.com
> [2] http://127.0.0.1/32

 I had similar problem about ident auth (but I think with smtp/imap). If
 I remember well You should have running ident server (port 113) on your
 Linux box.

 Check it with netstat.

 Regards,
 Radek

Re: using jboss with ident auth

From
John R Pierce
Date:
On 06/02/11 6:54 AM, eyal edri wrote:
> when i try to run any command that uses the xml file for auth, it
> failes with:
>
> FATAL: Ident authentication failed for user "postgres"

ident authentication means unix user "joe" can only authenticate as
postgres user/role "joe" (unless you set up an ident map, which imho is
a bit messy)

>
> when i use 'password' or 'md5' it works.
>
>
> btw, i would have used password or md5 if there was a away to run psql
> commands with password unattended (without password prompt..).
>

use a $HOME/.pgpass file

--
john r pierce                            N 37, W 123
santa cruz ca                         mid-left coast