It seems quite unsecure in general as config.... With this config you: Allow any user on the local system to connect to any database under any database user name using Unix-domain sockets (the default for local connections). Depending on the fact that on this server there are local connected linux users or not, it could be a problem... Connecting via web you use in effect unix domain sockets, if the web and db are the same machine.
Suppose db and web server are different and you have two different postgresql databases on your db-system, one used for sql-ledger (named gl) and the other for different purposes (es. named nogl). In sql-ledger setup you create a database user named "sledger" to establish connections to the db and you want to allow access to your db through you local lan 192.168.0/24 and you want to use the db password for the authentication, so that you don't need to create a Linux user for this on the db-system, you can put a line similar to this: host gl sledger 192.168.0.0/24 md5 In this way one can connect only to the gl db, only from 192.168.0.0/24 and only with the db user sledger. For authentication against the db will be performed md5 encryption. Other useful examples to better understand the whole logic can be found for the various db versions at the links: http://www.postgresql.org/docs/7.3/static/client-authentication.html http://www.postgresql.org/docs/7.4/static/client-authentication.html http://www.postgresql.org/docs/8.0/static/client-authentication.html http://www.postgresql.org/docs/8.1/static/client-authentication.html Probably minor differences between them HIH Gianluca > -----Messaggio originale----- > Da: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Per > conto di Danita Zanre > Inviato: mercoledì 18 ottobre 2006 3.38 > A: [email protected] > Oggetto: Re: [SL] Moving SQL-Ledger to another server > > >If your new configuration is the same as your old one... > maybe you can > >use your old pg_hba file from the old server ? > > Alas, I managed to get the database backed up, along with my > users and templates directories, and now that former server > is all but dead! Of course, I would swear that I had tried > this once before, but I'm not going to fret over it - just be > happy it's working now! > > I got this to work by using "trust" in the local line - not > sure I like that, but until I can understand it better, at > least that's something :) > > Thanks! > > Danita > > > > -------------------------------------------------------------- > ----------- > Using Tomcat but need to do more? Need to support web > services, security? > Get stuff done quickly with pre-integrated technology to make > your job easier Download IBM WebSphere Application Server > v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&; dat=121642 > _______________________________________________ > sql-ledger-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/sql-ledger-users > ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ sql-ledger-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/sql-ledger-users
