| From: | Vinko Vrsalovic <el(at)vinko(dot)cl> |
|---|---|
| To: | Ken Tozier <kentozier(at)comcast(dot)net> |
| Cc: | PostgreSQL <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Superuser log-in through a web interface? |
| Date: | 2004-10-31 17:40:14 |
| Message-ID: | 20041031174014.GA16836@landsat.cprsig.cl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Sun, Oct 31, 2004 at 05:24:34AM -0500, Ken Tozier wrote:
>
> On Oct 31, 2004, at 1:29 AM, Kevin Barnard wrote:
>
> >You have a conceptual error. When connecting you are connecting "to a
> >database". With out the database you are not connecting to anything
> >hence the failure.
>
> That explains it, thanks.
>
> Another pesky problem I've run into is that I can enter literally
> anything into the user name and password fields of my php form and it
> still logs in. What's up with that? Is there some way find out the user
> for a given connection?
This is probably because pg_hba.conf settings. By default, it trusts
connections from localhost, which means that any connection being made
from localhost (which is the case when the web server and database are
running in the same machine) will be accepted regardless of user and password.
You should change these lines in pg_hba.conf
local all all trust
# IPv4-style local connections:
host all all 127.0.0.1/32 trust
and change 'trust' to your preferred auth method (password, md5, etc.)
Check out the docs for authentication methods at
http://www.postgresql.org/docs/7.4/interactive/client-authentication.html
HTH,
--
Vinko Vrsalovic <el[|-(at)-|]vinko.cl>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2004-10-31 17:47:31 | Re: Daylight Savings Time handling on persistent connections |
| Previous Message | Randall Nortman | 2004-10-31 17:05:58 | Re: Daylight Savings Time handling on persistent connections |