1 |
On 04/25/13 09:10, J. Roeleveld wrote: |
2 |
>On Thu, April 25, 2013 07:48, Joseph wrote: |
3 |
> |
4 |
><SNIP> |
5 |
> |
6 |
>> I just tried as you suggested, the only active line in: pg_hba.conf |
7 |
>> local all all trust |
8 |
>> |
9 |
>> anything else is commented out. I restarted the server but I still can |
10 |
>> connect to postgresql from another computer via Firefox. |
11 |
> |
12 |
>Joseph, |
13 |
> |
14 |
>Let me put it in really simple terms: |
15 |
>1) Firefox is NOT a database client, it can NOT connect to a database |
16 |
>2) Firefox IS a webbrowser, it ONLY connects to a webserver |
17 |
> |
18 |
>This means, Postgresql will NOT see ANY connection made by Firefox. |
19 |
> |
20 |
>The website you have running ON TOP OFF apache makes the connection to |
21 |
>Postgresql. |
22 |
> |
23 |
>Eg. it goes like the following: |
24 |
> |
25 |
>User <-> Firefox <-> Apache/website <-> Postgresql |
26 |
> |
27 |
>Any of the above can ONLY see their immediate neighbour. |
28 |
> |
29 |
>-- |
30 |
>Joost |
31 |
|
32 |
So pg_hba.conf only controls direct connections to postgreSQL. |
33 |
Since "apache" group is in postgres user; apache was given permission to access the database in this case py-passing the setting in pg_hba.conf |
34 |
Is there a way to force sequence: |
35 |
Apache/website <-> pg_hba.conf <-> Postgresql |
36 |
|
37 |
-- |
38 |
Joseph |