| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | "scott(dot)marlowe" <scott(dot)marlowe(at)ihs(dot)com> |
| Cc: | dash(at)melchior(dot)rogue-penguin(dot)com, pgsql-php(at)postgresql(dot)org |
| Subject: | Re: Authentication Failure with pg_pconnect |
| Date: | 2003-08-19 16:03:42 |
| Message-ID: | 20030819160342.GE18374@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-php |
On Tue, Aug 19, 2003 at 09:50:33 -0600,
"scott.marlowe" <scott(dot)marlowe(at)ihs(dot)com> wrote:
>
> Note that the username of the client (in this case, likely either httpd or
> nobody) is what postgresql inspects. your connection string doesn't
> matter since postgresql is now looking for a user account by the name of
> whatever user your web server runs under.
This isn't exactly true. The id given in the connection string is
the one that is to be used for the postgres connection. The username of
the client is checked to see if it is an allowed system user for the
postgres user. It is common to force them to match, but other options
are possible.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | scott.marlowe | 2003-08-19 16:24:28 | Re: Postgres connection |
| Previous Message | scott.marlowe | 2003-08-19 16:00:47 | Re: Securing PHP scripts |