View Issue Details

IDProjectCategoryView StatusLast Update
0000170Pgpool-IIEnhancementpublic2019-06-17 23:03
ReportergabrimonfaAssigned Tot-ishii 
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionopen 
Platformpgpool-II 3.5OSLinuxOS VersionCentos 7 64bit
Product Version 
Target VersionFixed in Version 
Summary0000170: md5 authentication without using pool_passwd
DescriptionI need client to use md5 authentication, using pgpool
Using pool_passwd and pool_hba for md5 need a restart to simply add/modify a user which breaks all existing connections.

What I need is a way to bypass pgpool authentication and use only postgresql authentication which is set to md5, aka pgpool should only transparently try to authenticate against postgresql without doing any authentication by itself.

Using trust in pool_hba and md5 in pg_hba results in "MD5 authentication is unsupported in replication, master-slave and parallel mode".

Am I doing something wrong?
TagsNo tags attached.

Activities

t-ishii

2016-03-04 18:01

developer   ~0000671

That's an expected behavior. See:
http://pgpool.net/mediawiki/index.php/FAQ#I_created_pool_hba.conf_and_pool_passwd_to_enable_md5_authentication_through_pgpool-II_but_it_does_not_work._Why.3F

gabrimonfa

2016-03-04 18:55

reporter   ~0000672

Yes, I know.
In fact I'm asking for an enhancement.
It is painful to keep user and password alligned between postgresql and pgpool.

I would like the client to use md5.
I set pg_hba to use md5 from the pgpool host (localhost in my case).
I set pool_hba to use md5 from client hosts.
Why md5 password cannot be passed to postgresql without checking pool_passwd?
Is there a technical reason?
If postgresql authentication succeeds, client authentication succeeds, otherwise fails.
Why double authentication against pgpool and postgresql?

To be complete, I'm using a couple of pgpool in HA with two backends in streaming replication and hot standby.

t-ishii

2016-03-07 11:27

developer   ~0000676

If it's an enhancement request, please post it to one of our mailing lists.

Issue History

Date Modified Username Field Change
2016-03-04 00:26 gabrimonfa New Issue
2016-03-04 18:01 t-ishii Note Added: 0000671
2016-03-04 18:01 t-ishii Assigned To => t-ishii
2016-03-04 18:01 t-ishii Status new => feedback
2016-03-04 18:55 gabrimonfa Note Added: 0000672
2016-03-04 18:55 gabrimonfa Status feedback => assigned
2016-03-07 11:27 t-ishii Note Added: 0000676
2016-03-18 14:13 t-ishii Status assigned => closed