Re: The easiest and robust way of configuring password pass through mechanism..

dipti shah wrote:
> Hi,
>
> I am aware of now almost all the authentication mechanisms that
> PostGreSQL supports. My basic requirement is to don't ask for password
> (allowed users in pg_hba file) when user connects to the server. What
> could be the easiest and robust method to configure this? I am looking
> for passing through the password so that users need not to enter it
> everytime they connects.


are your users on the same computer as the database server, and
connecting via unix socket as their unix account only?  if so,

    LOCAL ALL ALL IDENT SAMEUSER

(leave out SAMEUSER on 8.4, its implied with IDENT).   this relies on
unix authentication, and unix user joe will only be able to connect as
database user joe.

or, if the users are connecting via tcp/ip from specific hosts, and you
can trust all users on those hosts

    HOST ALL someusername some.ip.addr TRUST

or... if your users are always connecting via libpq. you can use
$HOME/.pgpasswd per
http://www.postgresql.org/docs/current/static/libpq-pgpass.html to
specify passwords, when you do this, the application programs won't need
to supply them.   I don't know if this works with clients like JDBC,
however.

finally, you can use ssl client certificates, this is the most complex
to setup, see http://www.postgresql.org/docs/current/static/libpq-ssl.html