| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Bjørn T Johansen <btj(at)havleik(dot)no> |
| Cc: | "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Authentication? |
| Date: | 2018-03-07 14:14:55 |
| Message-ID: | CAKFQuwbzo=F7sgmY1Qpj5mVjHUHSWWudE0vTYy8Wm7tVLuBsOA@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Mar 7, 2018 at 6:13 AM, Bjørn T Johansen <btj(at)havleik(dot)no> wrote:
> Hi.
>
> Is it possible to use one authentication method as default, like LDAP, and
> if the user is not found, then try to authenticate using
> md5/scram-sha-256 ?
>
In the "Client Authentication" Chapter:
https://www.postgresql.org/docs/10/static/auth-pg-hba-conf.html
"""
The first record with a matching connection type, client address,
requested database, and user name is used to perform authentication. There
is no “fall-through” or “backup”: if one record is chosen and the
authentication fails, subsequent records are not considered. If no record
matches, access is denied.
"""
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bjørn T Johansen | 2018-03-07 15:14:11 | Re: Authentication? |
| Previous Message | Łukasz Jarych | 2018-03-07 14:02:06 | Re: save query as sql file |