This is a duplicate of: https://stackoverflow.com/questions/55804806/how-does-postgres-host-based-authentication-work
(I was asked to shift this query to DBA.Stackexchange)
I am installing DSPACE which needs Postgresql.
Please see this link: DSPACE INSTALL
It says:
Then tighten up security a bit by editing pg_hba.conf and adding this line:
host dspace dspace 127.0.0.1 255.255.255.255 md5.
I have read on the internet as to how the above line works. It needs a connection type followed by database name/user name followed by IP address and the authentication scheme.
My query is: Should this not be a local (in place of host) connection since the dspace user is running locally?
Can someone show me step by step as to what happens when a request comes in?
Where are the instructions that the dspace user will submit a request using md5?
Best Answer
A
local
connection uses a Unix-domain socket; ahost
connection uses TCP. The linked page says that… because JDBC does not have built-in support for Unix-domain sockets.
As long as a connection is allowed only from
localhost
(as configured inpg_hba.conf
) and only tolocalhost
(as configued bylisten_addresses
), it is as secure as alocal
connection.The
md5
is just an option that specifies how the password is to be encrypted during the connection setup; this is handled automatically by the JDBC driver. For a local connection, or for a connection over SSL, this does not really matter.