On Mon, 9 May 2016 14:56:14 -0700 John R Pierce <[email protected]> wrote: > over a tcp socket, there's no way of knowing *WHAT* the system user > is short of querying the unreliable service 'authd' (113/tcp) and > hoping that it A) exists and B) returns something meaningful. > authd/ident services can return virtually anything they want to.
I run both the client web server and the database server. Outside machines require passwords. > when pg_hba.conf is searched, all thats known is the socket type > (host or local), the database name, the requested(!) username, and if > its 'host', the source IP address. this is used to select the > desired authentication method for that combination. Yes, it is missing that one piece I suggested - the ability to select based on the authenticated name. That's what I am trying to work around. -- D'Arcy J.M. Cain <[email protected]> | Democracy is three wolves http://www.druid.net/darcy/ | and a sheep voting on +1 416 788 2246 (DoD#0082) (eNTP) | what's for dinner. IM: [email protected], VoIP: sip:[email protected] -- Sent via pgsql-general mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
