Re: ident client authentication

Thanks for the reply.

Is this right then? For ident to work could I, as Bruno Wolff III suggested,
map the apache user to jim using pg_ident.

I suppose if I do that it might be rather risky from a security point of
view. Since any script running would then run as jim.

Perhaps I shoulkd do as you suggested and use password authentication.

Paul Hide

On 11/8/05, Richard Huxton <dev(at)archonet(dot)com> wrote:
>
> Paul Hide wrote:
> > I have a problem with ident client authentication.
> > My server is debian sarge, pg version is 7.4.7, apache 2.0.54,
> mod_python
> > 2.3. A python script is placed on the server and runs under mod_python
> in
> > apache.
>
> > However, if i have
> > local all jim ident sameuser
> > I get FATAL: IDENT authentication failed for user jim, via mod-python
> debug
> > and in postgres log.
> >
> > jim is both a unix user (linux) and a postgres user.
> >
> > Is this what would be expected?
> > How can I make ident authentication work?
>
> At a guess, your Python script is running as the same user as your
> webserver (usually apache/www-data/nobody or similar). This is why the
> "ident sameuser" isn't working.
>
> You'll either need to log in as the webserver user, or use password
> authentication.
>
> > Any help would be appreciated, including where this message should be
> posted
> > if this list is inappropriate.
>
> This list is fine.
>
> HTH
>
> --
> Richard Huxton
> Archonet Ltd
>