| From: | xujian <jamesxu(at)outlook(dot)com> |
|---|---|
| To: | "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Postgresql gss user map doesn't work |
| Date: | 2015-06-30 16:56:47 |
| Message-ID: | BAY181-W52A150EEDDA570E26EF525A1A90@phx.gbl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Hello, I have a problem when I am using gss map. I want to map the user xxx(at)company(dot)com to db role company_com_xxxhere is my pa_hba.conf:=================# TYPE DATABASE USER ADDRESS METHODhost all all all gss include_realm=1 map=mymap
here is the pg_ident.conf=================# MAPNAME SYSTEM-USERNAME PG-USERNAMEmymap /(.*)@COMPANY.COM company_com_\1
However, it doesn't work, I got error message=================LOG: no match in usermap "mymap" for user "xxx" authenticated as "xxx(at)COMPANY(dot)COM"FATAL: GSSAPI authentication failed for user "xxx"DETAIL: Connection matched pg_hba.conf line 88: "host all all all gss include_realm=1 map=mymap"
but if I changed the map to =================# MAPNAME SYSTEM-USERNAME PG-USERNAMEmymap /(.*)@COMPANY.COM \1
then I can login, I have created role xxx and company_com_xxx in db side. even if I hard code the username in the mapping like=================# MAPNAME SYSTEM-USERNAME PG-USERNAMEmymap /(.*)@COMPANY.COM company_com_xxx
it still doesn't work. any idea?
Thanks in advance!
James
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David G. Johnston | 2015-06-30 20:17:42 | Re: SUM all timeelapse WHERE timetype = 'Break' but only the rows that are after(below) timetype = 'Start' |
| Previous Message | Ankur Kaushik | 2015-06-29 08:49:45 | Re: dump using copy failed |