Re: Regarding access to a user

Поиск
Список
Период
Сортировка
От Shashwat_Nigam
Тема Re: Regarding access to a user
Дата
Msg-id B3F7216EEA3D5D49A0841DFC6843C33AB9BF01@HSTMBX004.corp.satyam.ad
обсуждение исходный текст
Ответ на Re: Regarding access to a user  (Vishal Arora <aroravishal22@hotmail.com>)
Ответы Re: Regarding access to a user  (Vishal Arora <aroravishal22@hotmail.com>)
Re: Regarding access to a user  ("Scott Marlowe" <scott.marlowe@gmail.com>)
Список pgsql-admin

Dear Vishal

Thanks for the help but by doing this an error is generated at the time when the user is trying to log in  with the following message:

Access to database denied

The server doesn't grant access to the database: the server reports

FATAL: no pg_hba.conf entry for host "127.0.0.1", user "hmri", database "postgres", SSL off

To access a database on a PostgreSQL server, you first have to grant primary access to the server for your client (Host Based Authentication). PostgreSQL will check the pg_hba.conf file if a pattern that matches your client address / username / database is present and enabled before any SQL GRANT access control lists are evaluated.

The initial settings in pg_hba.conf are quite restrictive, in order to avoid unwanted security holes caused by unreviewed but mandatory system settings. You'll probably want to add something like

host all all 192.168.0.0/24 md5

This example grants MD5 encrypted password access to all databases to all users on the private network 192.168.0.0/24.

You can use the pg_hba.conf editor that is built into pgAdmin III to edit the pg_hba.conf configuration file. After changing pg_hba.conf, you need to trigger a server configuration reload using pg_ctl or by stopping and restarting the server process.

Please provide futher proceedings

Thanks & Regards,

Shashwat Nigam

| Software Engineer | Geographical Information System

Satyam Computer Services Limited, Hyderabad | MOBILE: +919951467324 | 

 

From: Vishal Arora [mailto:aroravishal22@hotmail.com]
Sent: Thursday, August 21, 2008 2:29 PM
To: Shashwat_Nigam
Cc: pgsql-admin@postgresql.org
Subject: RE: [ADMIN] Regarding access to a user

 







> From: Shashwat_Nigam@satyam.com
> To: Kevin.Grittner@wicourts.gov
> CC: pgsql-general@postgresql.org; pgsql-sql@postgresql.org; pgsql-admin@postgresql.org
> Date: Thu, 21 Aug 2008 14:23:51 +0530
> Subject: Re: [ADMIN] Regarding access to a user
>
> Dear Kevin
> Thanks for the help. But still the user is able to see all the databases. I defined something like this
>
> # IPv4 local connections:
> host all all 127.0.0.1/32 md5
> host HMRI_database hmri 127.0.0.1/32 md5

You have to comment out the first entry made in your hba file. In this case it checks for the first line where all users are allowed to access all databases so it does not checks the second line.  

>
> in the above case hmri is user and HMRI_database. But still when user is log in as 'hmri' it is able to access all the databases.
> Please provide a solution for the same.
>
> Thanks & Regards,
> Shashwat Nigam
> | Software Engineer | Geographical Information System
> Satyam Computer Services Limited, Hyderabad | MOBILE: +919951467324 |
>
> -----Original Message-----
> From: Kevin Grittner [mailto:Kevin.Grittner@wicourts.gov]
> Sent: Wednesday, August 20, 2008 6:41 PM
> To: pgsql-admin@postgresql.org; Shashwat_Nigam
> Cc: pgsql-general@postgresql.org; pgsql-sql@postgresql.org
> Subject: Re: [ADMIN] Regarding access to a user
>
> >>> Shashwat_Nigam <Shashwat_Nigam@satyam.com> wrote:
>
> > Now what I want is to set privilege that whenever the user log in as
> Us
> > he can only see database Y, none other than that. The user Us could
> have all
> > rights for database Y but can't go for any other database (X or Z).
>
> The first thing you need to do is configure "host based
> authentication":
>
> http://www.postgresql.org/docs/8.3/interactive/auth-pg-hba-conf.html
>
> Among other things, this allows you to restrict which users can
> connect to which databases.
>
> -Kevin
>
>
> DISCLAIMER:
> This email (including any attachments) is intended for the sole use of the intended recipient/s and may contain material that is CONFIDENTIAL AND PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or distribution or forwarding of any or all of the contents in this message is STRICTLY PROHIBITED. If you are not the intended recipient, please contact the sender by email and delete all copies; your cooperation in this regard is appreciated.
>
> --
> Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-admin


Search for videos of Bollywood, Hollywood, Mollywood and every other wood, only on Live.com Try it now!



DISCLAIMER:
This email (including any attachments) is intended for the sole use of the intended recipient/s and may contain material that is CONFIDENTIAL AND PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or distribution or forwarding of any or all of the contents in this message is STRICTLY PROHIBITED. If you are not the intended recipient, please contact the sender by email and delete all copies; your cooperation in this regard is appreciated.

В списке pgsql-admin по дате отправления:

Предыдущее
От: Vishal Arora
Дата:
Сообщение: Re: Regarding access to a user
Следующее
От: Tomasz Ostrowski
Дата:
Сообщение: Re: Regarding access to a user