Re: "could not accept SSPI security context"
| От | G_Hosa_Phat |
|---|---|
| Тема | Re: "could not accept SSPI security context" |
| Дата | |
| Msg-id | 1327113072912-5162113.post@n5.nabble.com обсуждение исходный текст |
| Ответ на | Re: "could not accept SSPI security context" (Brar Piening <brar@gmx.de>) |
| Ответы |
Re: "could not accept SSPI security context"
(Ahmed Shinwari <ahmed.shinwari@gmail.com>)
Re: "could not accept SSPI security context" (Ahmed <ahmed.shinwari@gmail.com>) |
| Список | pgsql-general |
Brar Piening wrote > > Just a guess: You don't have something like "host all all 127.0.0.1/32 > sspi" in your pg_hba.conf do you? > > Regards, > > Brar > I don't have that set. Here's a sample from my pg_hba (slightly redacted to obfuscate our internal network address scheme). # TYPE DATABASE USER CIDR-ADDRESS METHOD # --------------------------------------------------------------------- # IPv4 LOCAL CONNECTIONS # --------------------------------------------------------------------- # Connections made from the server computer itself are only allowed if # the user is a member of the Developers group, or a Super User. # --------------------------------------------------------------------- host all pgsuper 127.0.0.1/32 md5 host all +"ITDept" 127.0.0.1/32 sspi host all all 127.0.0.1/32 reject # --------------------------------------------------------------------- # IPv4 INTRANET CONNECTIONS # --------------------------------------------------------------------- # If the IP address from which the request comes indicates that the # user is on the Courtesy network and is physically located in one of # our offices (Oklahoma City or Tulsa), use sspi authentication to # validate the users credentials against Courtesy’s Active Directory. # --------------------------------------------------------------------- # Internal Network # --------------------------------------------------------------------- host all pgsuper 172.16.10.0/24 md5 host all +"Laptop" 172.16.10.50/32 ldap ldapserver=ADSERVERNAME ldapprefix="MYDOMAIN\" host all +"ITDept" 172.16.10.0/24 sspi host appdb +"Users" 172.16.10.0/24 sspi # --------------------------------------------------------------------- # Deny connection attempts from any source not explicitly identified # in the rules above. # --------------------------------------------------------------------- host all all 0.0.0.0/0 reject # IPv6 local connections: host all pgsuper ::1/128 md5 host all +"ITDept" ::1/128 sspi host all all ::1/128 reject There are some specific requirements addressed in the configuration file, and I'd love to ask some more questions about how to implement some of them, but those aren't in the scope of this thread. On this topic, however, this configuratoin correctly uses the SSPI authentication when I try to connect to the database through PGAdmin (I'm a member of the "ITDept" group), but not when I'm testing my VB.NET application, it fails on the authentication with the error from the thread title. -- View this message in context: http://postgresql.1045698.n5.nabble.com/could-not-accept-SSPI-security-context-tp3275102p5162113.html Sent from the PostgreSQL - general mailing list archive at Nabble.com.
В списке pgsql-general по дате отправления: