Postgresql 外部数据包装器错误 如果服务器未请求密码，则非超级用户无法连接

Question

我们正在使用 postgres_fdw 扩展来访问另一个数据库的视图。 我测试了在 2 个不同的 PostgreSQL 服务器上访问外部表，它在一台服务器上工作，而另一台服务器抛出以下错误

SQL Error [2F003]: ERROR: password is required
  Detail: Non-superuser cannot connect if the server does not request a password.
  Hint: Target server's authentication method must be changed.

我检查了 pg_hba.conf 文件，一个服务器正在使用信任方法进行本地访问，但仍然没有出错，但是另一台服务器在 trust 和 md5 这两个选项中都出现了错误。

下面是两台服务器的conf文件

1. 抛出错误的服务器

2. 运行查询的服务器没有任何错误

下面是我创建外部服务器的脚本

DO $$
Begin 



if not exists(select 1 from pg_foreign_server where srvname='fdw_dxpcore') then 

If not Exists (select * from pg_user where usename='pgfwduser') then
create role pgfwduser with login password 'test@123';
end if;

If Exists (select * from pg_user where usename='pgfwduser') then



IF Exists (select * from pg_database where datname = 'ars') Then
grant connect on database ars to pgfwduser;
End IF;

grant usage on schema public to pgfwduser;
GRANT SELECT ON all tables in schema public TO pgfwduser;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES to pgfwduser;
End IF;



-- create foreign data wrapper extension 
CREATE EXTENSION if not exists postgres_fdw;

-- create foreign servers for dxpcore
if not exists(select 1 from pg_foreign_server where srvname='fdw_dxpcore') then 
CREATE SERVER fdw_dxpcore
        FOREIGN DATA WRAPPER postgres_fdw
        OPTIONS (host 'localhost', port '5432', dbname 'dxpcore', fetch_size '50000');
end if;


--- assign foreign table access to 
if exists (select 1 from pg_roles where rolname='postgres') then
if not exists (select * from information_schema.user_mappings where foreign_server_name = 'fdw_dxpcore' and authorization_identifier = 'postgres') Then
CREATE USER MAPPING  FOR postgres
        SERVER fdw_dxpcore
        OPTIONS (user 'pgfwduser',password 'test@123');
End IF;     
end if;

/*Import Foreign Tables*/

IMPORT FOREIGN SCHEMA public LIMIT TO (v_resguestids,v_resguestids_shore_ship)  
    FROM SERVER fdw_dxpcore INTO public;

if exists (select 1 from pg_roles where rolname='pgappuser') then
if not exists (select * from information_schema.user_mappings where foreign_server_name = 'fdw_dxpcore' and authorization_identifier = 'pgappuser') Then
CREATE USER MAPPING  FOR pgappuser
        SERVER fdw_dxpcore
        OPTIONS (user 'pgfwduser',password 'test@123');
End IF;     
end if;

End if;



If Exists (select * from pg_user where usename='pgappuser') Then

        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES to pgappuser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, USAGE ON SEQUENCES to pgappuser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT EXECUTE ON FUNCTIONS to pgappuser;

        GRANT  USAGE  ON SCHEMA public TO  pgappuser;
        GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO  pgappuser;
        GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO pgappuser;
        GRANT EXECUTE ON ALL FUNCTIONs IN SCHEMA public TO pgappuser;

End IF;




If Exists (select * from pg_user where usename='pgfwduser') Then

        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES to pgfwduser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, USAGE ON SEQUENCES to pgfwduser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT EXECUTE ON FUNCTIONS to pgfwduser;

        GRANT  USAGE  ON SCHEMA public TO  pgfwduser;
        GRANT SELECT ON ALL TABLES IN SCHEMA public TO  pgfwduser;
        GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO pgfwduser;
        GRANT EXECUTE ON ALL FUNCTIONs IN SCHEMA public TO pgfwduser;
End IF;




End $$;

Answer 1

我检查了 pg_hba.conf 文件，一个服务器正在使用信任方法进行本地访问，但仍然没有出错，但是另一台服务器在 trust 和 md5 这两个选项中都出现了错误。

和

 OPTIONS (host 'localhost', port '5432', dbname 'dxpcore', fetch_size '50000');

“本地主机”与“本地”不同。 相反，它与“127.0.0.1”相同（除非您对网络配置做了一些奇怪的事情。）不抛出错误的机器没有使用“信任”，因为它不是通过 unix 套接字连接。 它是通过 TCP 环回设备连接的。