简体   繁体   English

Postgresql 外部数据包装器错误 如果服务器未请求密码,则非超级用户无法连接

[英]Postgresql Foreign data wrapper error Non-superuser cannot connect if the server does not request a password

We are using postgres_fdw extension to access views of another database.我们正在使用 postgres_fdw 扩展来访问另一个数据库的视图。 I have tested accessing foreign tables on 2 different PostgreSQL servers, it's working on one server and another server is throwing below error我测试了在 2 个不同的 PostgreSQL 服务器上访问外部表,它在一台服务器上工作,而另一台服务器抛出以下错误

SQL Error [2F003]: ERROR: password is required
  Detail: Non-superuser cannot connect if the server does not request a password.
  Hint: Target server's authentication method must be changed.

i have checked pg_hba.conf file and one server is using trust method for local access and still not getting error however another server is getting the error with trust and md5 both options.我检查了 pg_hba.conf 文件,一个服务器正在使用信任方法进行本地访问,但仍然没有出错,但是另一台服务器在 trust 和 md5 这两个选项中都出现了错误。

below are conf files of both servers下面是两台服务器的conf文件

  1. The server which is throwing error抛出错误的服务器

在此处输入图片说明

  1. server where query is running without any error运行查询的服务器没有任何错误

在此处输入图片说明

Below is my script to create a foreign server下面是我创建外部服务器的脚本

DO $$
Begin 



if not exists(select 1 from pg_foreign_server where srvname='fdw_dxpcore') then 

If not Exists (select * from pg_user where usename='pgfwduser') then
create role pgfwduser with login password 'test@123';
end if;

If Exists (select * from pg_user where usename='pgfwduser') then



IF Exists (select * from pg_database where datname = 'ars') Then
grant connect on database ars to pgfwduser;
End IF;

grant usage on schema public to pgfwduser;
GRANT SELECT ON all tables in schema public TO pgfwduser;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES to pgfwduser;
End IF;



-- create foreign data wrapper extension 
CREATE EXTENSION if not exists postgres_fdw;

-- create foreign servers for dxpcore
if not exists(select 1 from pg_foreign_server where srvname='fdw_dxpcore') then 
CREATE SERVER fdw_dxpcore
        FOREIGN DATA WRAPPER postgres_fdw
        OPTIONS (host 'localhost', port '5432', dbname 'dxpcore', fetch_size '50000');
end if;


--- assign foreign table access to 
if exists (select 1 from pg_roles where rolname='postgres') then
if not exists (select * from information_schema.user_mappings where foreign_server_name = 'fdw_dxpcore' and authorization_identifier = 'postgres') Then
CREATE USER MAPPING  FOR postgres
        SERVER fdw_dxpcore
        OPTIONS (user 'pgfwduser',password 'test@123');
End IF;     
end if;

/*Import Foreign Tables*/

IMPORT FOREIGN SCHEMA public LIMIT TO (v_resguestids,v_resguestids_shore_ship)  
    FROM SERVER fdw_dxpcore INTO public;

if exists (select 1 from pg_roles where rolname='pgappuser') then
if not exists (select * from information_schema.user_mappings where foreign_server_name = 'fdw_dxpcore' and authorization_identifier = 'pgappuser') Then
CREATE USER MAPPING  FOR pgappuser
        SERVER fdw_dxpcore
        OPTIONS (user 'pgfwduser',password 'test@123');
End IF;     
end if;

End if;



If Exists (select * from pg_user where usename='pgappuser') Then

        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES to pgappuser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, USAGE ON SEQUENCES to pgappuser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT EXECUTE ON FUNCTIONS to pgappuser;

        GRANT  USAGE  ON SCHEMA public TO  pgappuser;
        GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO  pgappuser;
        GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO pgappuser;
        GRANT EXECUTE ON ALL FUNCTIONs IN SCHEMA public TO pgappuser;

End IF;




If Exists (select * from pg_user where usename='pgfwduser') Then

        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES to pgfwduser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, USAGE ON SEQUENCES to pgfwduser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT EXECUTE ON FUNCTIONS to pgfwduser;

        GRANT  USAGE  ON SCHEMA public TO  pgfwduser;
        GRANT SELECT ON ALL TABLES IN SCHEMA public TO  pgfwduser;
        GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO pgfwduser;
        GRANT EXECUTE ON ALL FUNCTIONs IN SCHEMA public TO pgfwduser;
End IF;




End $$;

i have checked pg_hba.conf file and one server is using trust method for local access and still not getting error however another server is getting the error with trust and md5 both options.我检查了 pg_hba.conf 文件,一个服务器正在使用信任方法进行本地访问,但仍然没有出错,但是另一台服务器在 trust 和 md5 这两个选项中都出现了错误。

and

 OPTIONS (host 'localhost', port '5432', dbname 'dxpcore', fetch_size '50000');

'localhost' is not the same thing as 'local'. “本地主机”与“本地”不同。 It is instead the same thing as '127.0.0.1' (unless you did something strange with your network config.) The machine not throwing errors is not using 'trust', because it is not connecting through unix sockets.相反,它与“127.0.0.1”相同(除非您对网络配置做了一些奇怪的事情。)不抛出错误的机器没有使用“信任”,因为它不是通过 unix 套接字连接。 It is connecting through TCP loopback device.它是通过 TCP 环回设备连接的。

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM