| # pgpool Client Authentication Configuration File a custom version |
| # =============================================== |
| # |
| # The format rule in this file follows the rules in the PostgreSQL |
| # Administrator's Guide. Refer to chapter "Client Authentication" for a |
| # complete description. A short synopsis follows. |
| # |
| # This file controls: which hosts are allowed to connect, how clients |
| # are authenticated, which user names they can use, which databases they |
| # can access. Records take one of these forms: |
| # |
| # local DATABASE USER METHOD [OPTION] |
| # host DATABASE USER CIDR-ADDRESS METHOD [OPTION] |
| # |
| # (The uppercase items must be replaced by actual values.) |
| # |
| # The first field is the connection type: "local" is a Unix-domain |
| # socket, "host" is either a plain or SSL-encrypted TCP/IP socket. |
| # |
| # DATABASE can be "all", "sameuser", a database name, or a comma-separated |
| # list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf |
| # file is not supported, since pgpool does not know which group a user |
| # belongs to. Also note that the database specified here may not exist in |
| # the backend PostgreSQL. pgpool will authenticate based on the database's |
| # name, not based on whether it exists or not. |
| # |
| # USER can be "all", a user name, or a comma-separated list thereof. In |
| # both the DATABASE and USER fields you can also write a file name prefixed |
| # with "@" to include names from a separate file. Note that a group name |
| # prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported |
| # because of the same reason as "samegroup" token. Also note that a user |
| # name specified here may not exist in the backend PostgreSQL. pgpool will |
| # authenticate based on the user's name, not based on whether he/she exists. |
| # |
| # CIDR-ADDRESS specifies the set of hosts the record matches. |
| # It is made up of an IP address and a CIDR mask that is an integer |
| # (between 0 and 32 (IPv4) that specifies the number of significant bits in |
| # the mask. Alternatively, you can write an IP address and netmask in |
| # separate columns to specify the set of hosts. |
| # |
| # METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords |
| # in clear text. |
| # |
| # OPTION is the name of the PAM service. Default service name is "pgpool" |
| # |
| # Database and user names containing spaces, commas, quotes and other special |
| # characters must be quoted. Quoting one of the keywords "all" or "sameuser" |
| # makes the name lose its special character, and just match a database or |
| # username with that name. |
| # |
| # This file is read on pgpool startup. If you edit the file on a running |
| # system, you have to restart the pgpool for the changes to take effect. |
| |
| # Put your actual configuration here |
| # ---------------------------------- |
| # |
| # If you want to allow non-local connections, you need to add more |
| # "host" records. In that case you will also need to make pgpool listen |
| # on a non-local interface via the listen_addresses configuration parameter. |
| # |
| |
| # TYPE DATABASE USER CIDR-ADDRESS METHOD |
| |
| # "local" is for Unix domain socket connections only |
| #local all all trust |
| # IPv4 local connections: |
| host all all 0.0.0.0/0 md5 |