Thanks John for reply. Users can connect to database server in either way(from same computer or remote).
Currently by default all users are able to connect to database as pg_hba file has been configured to TRUST for all users.
I am planning to remove these all users and want only specific groups and users to connect to database server. I haven't configured the server so I don't know from where to start.
Thanks,
Dipti
On Mon, Feb 15, 2010 at 12:21 AM, John R Pierce
<pierce@hogranch.com> wrote:
dipti shah wrote:
Hi,
I am aware of now almost all the authentication mechanisms that PostGreSQL supports. My basic requirement is to don't ask for password (allowed users in pg_hba file) when user connects to the server. What could be the easiest and robust method to configure this? I am looking for passing through the password so that users need not to enter it everytime they connects.
LOCAL ALL ALL IDENT SAMEUSER
(leave out SAMEUSER on 8.4, its implied with IDENT). this relies on unix authentication, and unix user joe will only be able to connect as database user joe.
or, if the users are connecting via tcp/ip from specific hosts, and you can trust all users on those hosts
HOST ALL someusername some.ip.addr TRUST
or... if your users are always connecting via libpq. you can use $HOME/.pgpasswd per http://www.postgresql.org/docs/current/static/libpq-pgpass.html to specify passwords, when you do this, the application programs won't need to supply them. I don't know if this works with clients like JDBC, however.
finally, you can use ssl client certificates, this is the most complex to setup, see http://www.postgresql.org/docs/current/static/libpq-ssl.html
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general