Postgresql 外部數據包裝器錯誤 如果服務器未請求密碼，則非超級用戶無法連接

Question

我們正在使用 postgres_fdw 擴展來訪問另一個數據庫的視圖。 我測試了在 2 個不同的 PostgreSQL 服務器上訪問外部表，它在一台服務器上工作，而另一台服務器拋出以下錯誤

SQL Error [2F003]: ERROR: password is required
  Detail: Non-superuser cannot connect if the server does not request a password.
  Hint: Target server's authentication method must be changed.

我檢查了 pg_hba.conf 文件，一個服務器正在使用信任方法進行本地訪問，但仍然沒有出錯，但是另一台服務器在 trust 和 md5 這兩個選項中都出現了錯誤。

下面是兩台服務器的conf文件

1. 拋出錯誤的服務器

2. 運行查詢的服務器沒有任何錯誤

下面是我創建外部服務器的腳本

DO $$
Begin 



if not exists(select 1 from pg_foreign_server where srvname='fdw_dxpcore') then 

If not Exists (select * from pg_user where usename='pgfwduser') then
create role pgfwduser with login password 'test@123';
end if;

If Exists (select * from pg_user where usename='pgfwduser') then



IF Exists (select * from pg_database where datname = 'ars') Then
grant connect on database ars to pgfwduser;
End IF;

grant usage on schema public to pgfwduser;
GRANT SELECT ON all tables in schema public TO pgfwduser;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES to pgfwduser;
End IF;



-- create foreign data wrapper extension 
CREATE EXTENSION if not exists postgres_fdw;

-- create foreign servers for dxpcore
if not exists(select 1 from pg_foreign_server where srvname='fdw_dxpcore') then 
CREATE SERVER fdw_dxpcore
        FOREIGN DATA WRAPPER postgres_fdw
        OPTIONS (host 'localhost', port '5432', dbname 'dxpcore', fetch_size '50000');
end if;


--- assign foreign table access to 
if exists (select 1 from pg_roles where rolname='postgres') then
if not exists (select * from information_schema.user_mappings where foreign_server_name = 'fdw_dxpcore' and authorization_identifier = 'postgres') Then
CREATE USER MAPPING  FOR postgres
        SERVER fdw_dxpcore
        OPTIONS (user 'pgfwduser',password 'test@123');
End IF;     
end if;

/*Import Foreign Tables*/

IMPORT FOREIGN SCHEMA public LIMIT TO (v_resguestids,v_resguestids_shore_ship)  
    FROM SERVER fdw_dxpcore INTO public;

if exists (select 1 from pg_roles where rolname='pgappuser') then
if not exists (select * from information_schema.user_mappings where foreign_server_name = 'fdw_dxpcore' and authorization_identifier = 'pgappuser') Then
CREATE USER MAPPING  FOR pgappuser
        SERVER fdw_dxpcore
        OPTIONS (user 'pgfwduser',password 'test@123');
End IF;     
end if;

End if;



If Exists (select * from pg_user where usename='pgappuser') Then

        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES to pgappuser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, USAGE ON SEQUENCES to pgappuser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT EXECUTE ON FUNCTIONS to pgappuser;

        GRANT  USAGE  ON SCHEMA public TO  pgappuser;
        GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO  pgappuser;
        GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO pgappuser;
        GRANT EXECUTE ON ALL FUNCTIONs IN SCHEMA public TO pgappuser;

End IF;




If Exists (select * from pg_user where usename='pgfwduser') Then

        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES to pgfwduser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, USAGE ON SEQUENCES to pgfwduser;
        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT EXECUTE ON FUNCTIONS to pgfwduser;

        GRANT  USAGE  ON SCHEMA public TO  pgfwduser;
        GRANT SELECT ON ALL TABLES IN SCHEMA public TO  pgfwduser;
        GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO pgfwduser;
        GRANT EXECUTE ON ALL FUNCTIONs IN SCHEMA public TO pgfwduser;
End IF;




End $$;

Answer 1

我檢查了 pg_hba.conf 文件，一個服務器正在使用信任方法進行本地訪問，但仍然沒有出錯，但是另一台服務器在 trust 和 md5 這兩個選項中都出現了錯誤。

和

 OPTIONS (host 'localhost', port '5432', dbname 'dxpcore', fetch_size '50000');

“本地主機”與“本地”不同。 相反，它與“127.0.0.1”相同（除非您對網絡配置做了一些奇怪的事情。）不拋出錯誤的機器沒有使用“信任”，因為它不是通過 unix 套接字連接。 它是通過 TCP 環回設備連接的。