Re: How to provide db access to other systems

Quoting "VivekanandaSwamy R." <VivekanandaSwamyr@infics.com>:

> 
> 
> 
> Hai keith,
> I tried for this.I was creted and enabled this property and it appears
> like below...
> Type            database        user
> ipaddress        method        option
> ------------------------------------------------------------------------
> ------------------------
> Hostssl        all            all
> 172.16.9.55        md5    
> 
> This was saved.
> But when reopen the same pg_hba.conf,it was not appeared in list
> 
> So what wil I do for this..
> 
> Thanks  &  Regards
> 
> Vivekananda.R | Software Engineer          
> 
> Infinite Computer Solutions | Exciting Times...Infinite Possibilities...
> 
> 
> SEI-CMMI level 5 | ISO 9001:2000
> 
>  Tel +91-80-5193-0000| Fax  +91-80-51930009 | Cell No
> +91-9986463365|www.infics.com         
> 
> 
> -----Original Message-----
> From: Keith C. Perry [mailto:netadmin@vcsn.com]
> Sent: Tuesday, July 04, 2006 2:16 AM
> To: VivekanandaSwamy R.
> Cc: pgadmin-support@postgresql.org; pgadmin-support-owner@postgresql.org
> Subject: Re: [pgadmin-support] How to provide db access to other systems
> 
> Quoting "VivekanandaSwamy R." <VivekanandaSwamyr@infics.com>:
> 
> >
> >
> 
> > Hi,
> > We are using J2EE with PostgresSQL 8.1.0. OS : Wind In my system,i am
> > having Postgre database.Now i want to provide database access to the
> > front-end programmers.
> > How can i do that?
> > Please give me and explain the path...because we dont have any DBA..
> > Im the new one for PostgreSQL
> > Thanks  &  Regards
> >
> > Vivekananda.R | Software Engineer         
> 
> >
> > Infinite Computer Solutions | Exciting Times...Infinite
> Possibilities...
> >
> >
> > SEI-CMMI level 5 | ISO 9001:2000
> >
> >  Tel +91-80-5193-0000| Fax  +91-80-51930009 | Cell No
> > +91-9986463365|www.infics.com        
> 
> Greetings,
> 
> You can allow your developers to use pgadmin by setting up the
> appropriate users and groups (roles) in Postgres.  Also as a matter of
> security, you should only allow encrypted connections.  You will need to
> generate a certificate for the server and use the "hostssl" type with an
> "md5" password method (that allows encrypted passwords to be used for
> your users) in the pg_hba.conf file.
> 
> --
> Keith C. Perry, MS E.E.
> Director of Networks & Applications
> VCSN, Inc.
> http://vcsn.com
> 
> ______________________________________
> This email account is being hosted by:
> VCSN, Inc : http://vcsn.com
> 
> Information transmitted by this e-mail is proprietary to Infinite Computer
> Solutions and / or its Customers and is intended for use only by the
> individual or the entity to which it is addressed, and may contain
> information that is privileged, confidential or exempt from disclosure under
> applicable law. If you are not the intended recipient or it appears that this
> mail has been forwarded to you without proper authority, you are notified
> that any use or dissemination of this information in any manner is strictly
> prohibited. In such cases, please notify us immediately at info.in@infics.com
> and delete this email from your records.
> 

If I understand what you are saying, it sound like there was a problem saying
the file.  Are you sure you have the right permissions to edit that file?  Also,
I forgot to mention that you will need to restart the server in order to
recognize the changes.

BTW, 172.16 is part of the IANA defined private networks so I don't think you
really want that line if you're mean to enforce encrypted connections from
outside your network.  If I may make a suggestion- here are the two lines I have
in my config...

host    all         all         127.0.0.1/32          trust
hostssl    all         all         0.0.0.0           0.0.0.0   md5

These to line trust local IP connection only and for everything else, a SSL
connection is required.  This allows me to work on the server directly (or with
remote X sessions on my LAN) without a login and to force non-LAN users to use
encrypted connections.

Just my $0.03  :)

-- 
Keith C. Perry, MS E.E.
Director of Networks & Applications
VCSN, Inc.
http://vcsn.com
______________________________________
This email account is being hosted by:
VCSN, Inc : http://vcsn.com