| 1 |
On 04/25/13 09:10, J. Roeleveld wrote: |
| 2 |
>On Thu, April 25, 2013 07:48, Joseph wrote: |
| 3 |
> |
| 4 |
><SNIP> |
| 5 |
> |
| 6 |
>> I just tried as you suggested, the only active line in: pg_hba.conf |
| 7 |
>> local all all trust |
| 8 |
>> |
| 9 |
>> anything else is commented out. I restarted the server but I still can |
| 10 |
>> connect to postgresql from another computer via Firefox. |
| 11 |
> |
| 12 |
>Joseph, |
| 13 |
> |
| 14 |
>Let me put it in really simple terms: |
| 15 |
>1) Firefox is NOT a database client, it can NOT connect to a database |
| 16 |
>2) Firefox IS a webbrowser, it ONLY connects to a webserver |
| 17 |
> |
| 18 |
>This means, Postgresql will NOT see ANY connection made by Firefox. |
| 19 |
> |
| 20 |
>The website you have running ON TOP OFF apache makes the connection to |
| 21 |
>Postgresql. |
| 22 |
> |
| 23 |
>Eg. it goes like the following: |
| 24 |
> |
| 25 |
>User <-> Firefox <-> Apache/website <-> Postgresql |
| 26 |
> |
| 27 |
>Any of the above can ONLY see their immediate neighbour. |
| 28 |
> |
| 29 |
>-- |
| 30 |
>Joost |
| 31 |
|
| 32 |
So pg_hba.conf only controls direct connections to postgreSQL. |
| 33 |
Since "apache" group is in postgres user; apache was given permission to access the database in this case py-passing the setting in pg_hba.conf |
| 34 |
Is there a way to force sequence: |
| 35 |
Apache/website <-> pg_hba.conf <-> Postgresql |
| 36 |
|
| 37 |
-- |
| 38 |
Joseph |
Archives