From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
---|---|
To: | Kenny H Klatt <kklatt(at)csd(dot)uwm(dot)edu> |
Cc: | <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Question on ident authorization |
Date: | 2002-04-08 01:13:17 |
Message-ID: | Pine.LNX.4.30.0204072109090.685-100000@peter.localdomain |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Kenny H Klatt writes:
> Inital testing worked well. When it was decided to have applications
> normally directed at production try the development instance, ident
> authenication failed. All other tests passed, including hostssl
> connections. When the firewall redirects traffic to its intended service
> provider using the same port postgress is using ident works. When the
> ports are not the same, ident authenication fails. User/password and hostssl
> connections continue to work though.
I can't quite picture your setup, but two points: One, the PostgreSQL
server attempts ident authentication over TCP port 113. If there's no
ident server on that port on the client side then authentication fails.
Two, if your firewall is redirecting ident traffic to a dedicated service
provider host, then have it stop doing that because that's not how ident
is supposed to work (or you will have to put in a lot of extra effort to
make it work).
--
Peter Eisentraut peter_e(at)gmx(dot)net
From | Date | Subject | |
---|---|---|---|
Next Message | Christopher Kings-Lynne | 2002-04-08 02:05:08 | Re: Suggestion for optimization |
Previous Message | Hiroshi Inoue | 2002-04-08 00:33:33 | Re: timeout implementation issues |