[pgpool-general: 8901] Re: pgpool forwarding database users/passwords

Tan Mientras tanimientras at gmail.com
Wed Aug 2 17:29:29 JST 2023


yes

On Wed, Aug 2, 2023 at 10:12 AM Bo Peng <pengbo at sraoss.co.jp> wrote:

> Hi,
>
> Did you enable "enable_pool_hba" in pgpool.conf?
>
>   enable_pool_hba = on
>
> On Wed, 2 Aug 2023 08:39:15 +0200
> Tan Mientras <tanimientras at gmail.com> wrote:
>
> > Using
> >
> > host all all 192.162.122.0/24 password
> >
> > on my pool_hba.conf doesnt work as expected and still complains in logs
> for
> > pool_password file not containing dbusername.
> >
> > On Wed, Aug 2, 2023 at 4:45 AM Bo Peng <pengbo at sraoss.co.jp> wrote:
> >
> > > Hi,
> > >
> > > > How could I configure pgpool to "forward" username/password provided
> by
> > > > client to postgresql? Is there a way to not use pool_passwd file?
> > >
> > > You can avoid maintaining pool_passwd by setting
> > > "allow_clear_text_frontend_auth = on".
> > > However, it is not recommended for production environments for security
> > > reasons.
> > >
> > > If you don't want to maintain pool_passwd,
> > > it is recommended to set "enable_pool_hba = on" and use hostssl and
> > > "password" method
> > > in pool_hba.conf so that clients are enforced to use SSL encryption.
> > >
> > > Please refer to the documentation for more details:
> > >
> https://www.pgpool.net/docs/latest/en/html/auth-methods.html#AUTH-PASSWORD
> > >
> > > On Tue, 1 Aug 2023 14:03:44 +0200
> > > Tan Mientras <tanimientras at gmail.com> wrote:
> > >
> > > > Hi
> > > >
> > > > Newbie here dealing with a minimal 3-node pgpool cluster (using
> bitnami
> > > > docker image).
> > > >
> > > > On my first test after succesfully setting up the cluter, client
> > > complains
> > > > with "pool_passwd file does not contain an entry for 'dbusername'"
> > > >
> > > > After reading
> > > >
> > >
> https://www.pgpool.net/docs/pgpool-II-4.4.3/en/html/client-authentication.html
> > > > I'm still unable to understand if pgpool can forward the credentials
> to
> > > > postgresql or if it always act as a "man in the middle" and uses
> their
> > > own
> > > > credentials to query the db.
> > > >
> > > > How could I configure pgpool to "forward" username/password provided
> by
> > > > client to postgresql? Is there a way to not use pool_passwd file?
> > > >
> > > > Thanks in advance
> > > > Regards.
> > >
> > >
> > > --
> > > Bo Peng <pengbo at sraoss.co.jp>
> > > SRA OSS LLC
> > > TEL: 03-5979-2701 FAX: 03-5979-2702
> > > URL: https://www.sraoss.co.jp/
> > >
>
>
> --
> Bo Peng <pengbo at sraoss.co.jp>
> SRA OSS LLC
> TEL: 03-5979-2701 FAX: 03-5979-2702
> URL: https://www.sraoss.co.jp/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pgpool.net/pipermail/pgpool-general/attachments/20230802/2ba81757/attachment.htm>


More information about the pgpool-general mailing list