| From: | Scott Mead <scottm(at)openscg(dot)com> |
|---|---|
| To: | Elson Vaz <elsonlei(at)gmail(dot)com> |
| Cc: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: Acess Control ! |
| Date: | 2017-10-03 15:01:17 |
| Message-ID: | CAKq0gv+CxtK72wn3-rymeyt0NJqeKqLjj4wWwK+himG3HpUmuw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Tue, Oct 3, 2017 at 10:56 AM, Elson Vaz <elsonlei(at)gmail(dot)com> wrote:
> thank you David J.,
>
> But how i can do this?
> for exemple i did this configuration, but is wroge.
>
> # TYPE DATABASE USER ADDRESS METHOD
> host xpto system 10.75.15.60/32 md5
> host xpto system 10.72.18.0/24
> reject
>
host xpto system 0.0.0.0/0
reject
Make sure to reload the DB when done.
--Scott
>
>
> i want that user *system, *only conect to xpto database if it come from
> 10.75.15.60, but if this user *"system" *come from another adress i want
> reject this connection, it's possible?
>
>
>
>
>
> 2017-10-03 13:03 GMT-01:00 David G. Johnston <david(dot)g(dot)johnston(at)gmail(dot)com>:
>
>> On Tue, Oct 3, 2017 at 6:46 AM, Elson Vaz <elsonlei(at)gmail(dot)com> wrote:
>>
>>> gentlemen,
>>>
>>> i have one system that conect with one specific user to data base, so i
>>> want block acess for this user only if he come from the aplication server.
>>>
>>>
>> https://www.postgresql.org/docs/9.6/static/client-authentication.html
>>
>> The pg_hba.conf file is going to be required since you want the access to
>> be conditional on the machine and grant/revoke cannot do that.
>>
>> David J.
>>
>>
>
>
--
--
Scott Mead
Sr. Architect
*OpenSCG <http://openscg.com>*
http://openscg.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Elson Vaz | 2017-10-03 18:07:06 | Re: Acess Control ! |
| Previous Message | Elson Vaz | 2017-10-03 14:56:27 | Re: Acess Control ! |