Contents
- Getting Started
- Deployment
- Login Dialog
- Enabling two-factor authentication (2FA)
- User Management Dialog
- Change Ownership Dialog
- Change User Password Dialog
- Lock/Restore Account
- Enabling LDAP Authentication
- Enabling Kerberos Authentication
- Enabling OAUTH2 Authentication
- Enabling Webserver Authentication
- User Interface
- Menu Bar
- Toolbar
- Tabbed Browser
- Tree Control
- Preferences Dialog
- Keyboard Shortcuts:
- Search objects
- External database for pgAdmin user settings
- Connecting To A Server
- Managing Cluster Objects
- Managing Database Objects
- Creating or Modifying a Table
- Management Basics
- Backup and Restore
- Developer Tools
- Processes
- pgAgent
- pgAdmin Project Contributions
- Release Notes
- Licence
Enabling Webserver Authentication¶
To configure Webserver authentication, you must setup your webserver with any authentication plug-in (such as Shibboleth, HTTP BASIC auth) as long as it sets the REMOTE_USER environment variable. To enable Webserver authentication for pgAdmin, you must configure the Webserver settings in the config_local.py or config_system.py file (see the config.py documentation) on the system where pgAdmin is installed in Server mode. You can copy these settings from config.py file and modify the values for the following parameters:
Parameter |
Description |
---|---|
AUTHENTICATION_SOURCES |
The default value for this parameter is internal. To enable OAUTH2 authentication, you must include webserver in the list of values for this parameter. you can modify the value as follows:
|
WEBSERVER_AUTO_CREATE_USER |
|
WEBSERVER_REMOTE_USER |
|
Master Password¶
In the multi user mode, pgAdmin uses user’s login password to encrypt/decrypt the PostgreSQL server password. In the Webserver authentication, the pgAdmin does not store the user’s password, so we need an encryption key to store the PostgreSQL server password. To accomplish this, set the configuration parameter MASTER_PASSWORD to True, so upon setting the master password, it will be used as an encryption key while storing the password. If it is False, the server password can not be stored.