Mapping external usernames to database roles

When using certificate authentication, as described in the previous recipe, or any other external or single sign-on system authentication method from http://www.postgresql.org/docs/9.4/static/auth-methods.html (GSSAPI, SSPI, Kerberos, Radius, or PAM), you often have different usernames in the external system and your database. Or, you may just need to enable some externally authenticated user to connect as multiple database users.

Getting ready

Prepare a list of usernames from the external authentication system and decide which database users they are allowed to connect as—that is, which external users map to which database users.

How to do it…

Create a pg_ident.conf file in the usual place (PGDATA), with ...

Get PostgreSQL 9 Administration Cookbook - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

PostgreSQL 9 Administration Cookbook - Second Edition by Simon Riggs, Gianni Ciolli, Hannu Krosing, Gabriele Bartolini

Mapping external usernames to database roles

Getting ready

How to do it…

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly