<!--
-$Header: /cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v 1.58 2003/09/12 22:17:22 tgl Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v 1.59 2003/09/13 16:43:38 momjian Exp $
-->
<chapter id="client-authentication">
<para>
This record matches connection attempts using Unix-domain
sockets. Without a record of this type, Unix-domain socket
- connections are disallowed
+ connections are disallowed.
</para>
</listitem>
</varlistentry>
#
# This file controls: which hosts are allowed to connect, how clients
# are authenticated, which PostgreSQL user names they can use, which
-# databases they can access. Records take one of five forms:
+# databases they can access. Records take one of seven forms:
#
-# local DATABASE USER METHOD [OPTION]
-# host DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
-# hostssl DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
-# host DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
-# hostssl DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
+# local DATABASE USER METHOD [OPTION]
+# host DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
+# hostssl DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
+# hostnossl DATABASE USER IP-ADDRESS IP-MASK METHOD [OPTION]
+# host DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
+# hostssl DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
+# hostnossl DATABASE USER IP-ADDRESS/CIDR-MASK METHOD [OPTION]
#
# (The uppercase quantities should be replaced by actual values.)
+# The first field is the connection type: "local" is a Unix-domain socket,
+# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
+# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
# DATABASE can be "all", "sameuser", "samegroup", a database name (or
# a comma-separated list thereof), or a file name prefixed with "@".
# USER can be "all", an actual user name or a group name prefixed with
projects / postgresql / commitdiff