Обсуждение: TCPIP connection on local host using md5
I am trying to connect a JDBC client to the PostgreSQL DB using a custom user, "report".
The report user connects successfully from remote machines as expected.
The report user cannot connect from the JDBC client program on local host.
I cant figure out wht an ident server is being contaced, the auth method is md5.
JDBC Client connection string:
"jdbc:postgresql://localhost:/<mydbname>"
Error:
LOG: could not connect to Ident server at address "127.0.0.1", port 113: Connection refused
FATAL: Ident authentication failed for user "report"
postgres.conf:
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
# (change requires restart)
port = 5432 # (change requires restart)
pg_hba.conf:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 ident
# Allow replication connections from localhost, by a user with the
# replication privilege.
host all all 192.168.20.250/32 md5 # This line supports the remote connection that works great
host all report 127.0.0.1/32 md5 # This line is intended to support the local connection that is failing
The report user connects successfully from remote machines as expected.
The report user cannot connect from the JDBC client program on local host.
I cant figure out wht an ident server is being contaced, the auth method is md5.
JDBC Client connection string:
"jdbc:postgresql://localhost:/<mydbname>"
Error:
LOG: could not connect to Ident server at address "127.0.0.1", port 113: Connection refused
FATAL: Ident authentication failed for user "report"
postgres.conf:
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
# (change requires restart)
port = 5432 # (change requires restart)
pg_hba.conf:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 ident
# Allow replication connections from localhost, by a user with the
# replication privilege.
host all all 192.168.20.250/32 md5 # This line supports the remote connection that works great
host all report 127.0.0.1/32 md5 # This line is intended to support the local connection that is failing
Jimy McDermott <jmcdermott@catbird.com> writes: > pg_hba.conf: > # TYPE DATABASE USER ADDRESS METHOD > # "local" is for Unix domain socket connections only > local all all peer > # IPv4 local connections: > host all all 127.0.0.1/32 ident > # IPv6 local connections: > host all all ::1/128 ident > # Allow replication connections from localhost, by a user with the > # replication privilege. > host all all 192.168.20.250/32 md5 # > This line supports the remote connection that works great > host all report 127.0.0.1/32 md5 # > This line is intended to support the local connection that is failing pg_hba.conf lines are considered in order, so the second one (with the ident auth method) is matching the incoming connection before the last one ever gets considered. You need to re-order those lines. The rule of thumb is "most specific rule first". regards, tom lane