Create connection records

Use the SET CONNECTION command to add a connection record for your client users.

For example, if you have one user who connects from outside the network firewall from an IP address 1.2.3.4, you might want to require that client to use secured SSL connections. You can create a connection record for that user by using the following sample command:

SYSTEM.ADMIN(ADMIN)=> SET CONNECTION HOSTSSL DATABASE 'ALL' IPADDR '1.2.3.4'
SYSTEM.ADMIN(ADMIN)-> IPMASK '255.255.255.255' AUTH SHA256;
SET VARIABLE

This command adds a connection record to the database. A sample SHOW CONNECTION command follows, with the new record added as ID 3:

SYSTEM.ADMIN(ADMIN)=> SHOW CONNECTION; 
 CONNID | CONNTYPE  | CONNDB | CONNIPADDR  |   CONNIPMASK    | CONNAUTH
--------+-----------+--------+-------------+-----------------+--------
      1 | local     | all    |             |                 | trust
      2 | host      | all    | 0.0.0.0     | 0.0.0.0         | md5
      3 | hostssl   | all    | 1.2.3.4     | 255.255.255.255 | SHA256
(3 rows)

This example shows the importance of record precedence. Record ID 2 is the first match for all of the users who remotely connect to the system. Because it is set to host, this record allows either secured or unsecured connections that are based on the connection request from the client. To ensure that the user at 1.2.3.4 is authenticated for a secure connection, drop connection record 2 and add it again by using a new SET CONNECTION record to place the more general record after the more specific record for 1.2.3.4.