Обсуждение: TCPIP connection on local host using md5

Поиск
Список
Период
Сортировка

TCPIP connection on local host using md5

От
Jimy McDermott
Дата:
I am trying to connect a JDBC client to the PostgreSQL DB using a custom user, "report".

The report user connects successfully from remote machines as expected.

The report user cannot connect from the JDBC client program on local host.

I cant figure out wht an ident server is being contaced, the auth method is md5.




JDBC Client connection string:
"jdbc:postgresql://localhost:/<mydbname>"




Error:
LOG:  could not connect to Ident server at address "127.0.0.1", port 113: Connection refused
FATAL:  Ident authentication failed for user "report"




postgres.conf:
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------

# - Connection Settings -

listen_addresses = '*'          # what IP address(es) to listen on;
                                        # comma-separated list of addresses;
                                        # defaults to 'localhost', '*' = all
                                        # (change requires restart)
port = 5432                             # (change requires restart)




pg_hba.conf:
# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     peer
# IPv4 local connections:
host    all             all             127.0.0.1/32            ident
# IPv6 local connections:
host    all             all             ::1/128                 ident
# Allow replication connections from localhost, by a user with the
# replication privilege.
host     all             all             192.168.20.250/32       md5   # This line supports the remote connection that works great
host     all             report          127.0.0.1/32            md5      # This line is intended to support the local connection that is failing


Re: TCPIP connection on local host using md5

От
Tom Lane
Дата:
Jimy McDermott <jmcdermott@catbird.com> writes:
> pg_hba.conf:
> # TYPE  DATABASE        USER            ADDRESS                 METHOD

> # "local" is for Unix domain socket connections only
> local   all             all                                     peer
> # IPv4 local connections:
> host    all             all             127.0.0.1/32            ident
> # IPv6 local connections:
> host    all             all             ::1/128                 ident
> # Allow replication connections from localhost, by a user with the
> # replication privilege.
> host     all             all             192.168.20.250/32       md5   #
> This line supports the remote connection that works great
> host     all             report          127.0.0.1/32            md5      #
> This line is intended to support the local connection that is failing

pg_hba.conf lines are considered in order, so the second one (with the
ident auth method) is matching the incoming connection before the last
one ever gets considered.  You need to re-order those lines.  The rule
of thumb is "most specific rule first".

            regards, tom lane