Skip site navigation (1) Skip section navigation (2)

Re: Authentication Failure with pg_pconnect

From: Bruno Wolff III <bruno(at)wolff(dot)to>
To: "scott(dot)marlowe" <scott(dot)marlowe(at)ihs(dot)com>
Cc: dash(at)melchior(dot)rogue-penguin(dot)com, pgsql-php(at)postgresql(dot)org
Subject: Re: Authentication Failure with pg_pconnect
Date: 2003-08-19 16:03:42
Message-ID: 20030819160342.GE18374@wolff.to (view raw or flat)
Thread:
Lists: pgsql-php
On Tue, Aug 19, 2003 at 09:50:33 -0600,
  "scott.marlowe" <scott(dot)marlowe(at)ihs(dot)com> wrote:
> 
> Note that the username of the client (in this case, likely either httpd or 
> nobody) is what postgresql inspects.  your connection string doesn't 
> matter since postgresql is now looking for a user account by the name of 
> whatever user your web server runs under.

This isn't exactly true. The id given in the connection string is
the one that is to be used for the postgres connection. The username of
the client is checked to see if it is an allowed system user for the
postgres user. It is common to force them to match, but other options
are possible.

In response to

pgsql-php by date

Next:From: scott.marloweDate: 2003-08-19 16:24:28
Subject: Re: Postgres connection
Previous:From: scott.marloweDate: 2003-08-19 16:00:47
Subject: Re: Securing PHP scripts

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group