| From: | Niral Trivedi <niral(dot)trivedi(at)insage(dot)com> |
|---|---|
| To: | "'pgsql-general(at)postgresql(dot)org'" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Question on pg_hba.conf |
| Date: | 2000-12-12 20:41:25 |
| Message-ID: | 328DC4EC2C9B74428D8DAED1931285BF10D949@FLAN-EXCH01.corp.insage.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
All,
I am a newbie to postgreSQL so forgive me if you find this question a stupid
one...
Question I have today is regarding how to protect a DB with
username/password. I have found that you can put a line in 'pg_hba.conf'
file like following:
local db_name crypt file.dat
where file.dat contains 'username:<crypted password>' pair per line.
But still what I have seen that if you don't add a user with SQL comman
"CREATE USER user WITH password 'password'" you won't be able to use that
username/password for connecting to db_name from your application!!!!
For example, I have username 'user' and password 'pass' in my file.dat and I
have the line as I have typed earlier in my pg_hba.conf and if I try to
connect to db_name I failed.. I have to add 'user' and 'pass' from the SQL
prompt in the pg_shadow file(I assume) and then and then I was able to
connect to db_name.
So, my question is, what is the advantage of having a separate file like
'file.dat' and crypt in pg_hba.conf file??? And strange thing I found is, I
can connect to the database with the username which is not in my
'file.dat'!!!!
I am sure I am missing something.. but all comments and advices are
welcome..
Thanks in advance..
Niral
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2000-12-12 20:41:33 | Re: Creating index with UPPER |
| Previous Message | Adam Lang | 2000-12-12 20:22:49 | Re: manuals |