1 files changed, 32 insertions, 0 deletions

diff --git a/doc/src/sgml/connection-settings.sgml b/doc/src/sgml/connection-settings.sgml
index 5bc156a36..c3bc63cad 100644
--- a/doc/src/sgml/connection-settings.sgml
+++ b/doc/src/sgml/connection-settings.sgml
@@ -256,6 +256,38 @@
 	</listitem>
       </varlistentry>
 
+      <varlistentry id="guc-allow-clear-text-frontend-auth" xreflabel="allow_clear_text_frontend_auth">
+	<term><varname>allow_clear_text_frontend_auth</varname> (<type>boolean</type>)
+	  <indexterm>
+	    <primary><varname>allow_clear_text_frontend_auth</varname> configuration parameter</primary>
+	  </indexterm>
+	</term>
+	<listitem>
+	  <para>
+        If <productname>PostgreSQL</productname> backend servers require
+        <literal>md5</literal> or <literal> SCRAM</literal> authentication for some
+        user's authentication but the password for that user is not present in the
+        <filename>"pool_passwd"</filename> file, then enabling
+        <literal>allow_clear_text_frontend_auth</literal> will allow the
+        <productname>Pgpool-II</productname> to use clear-text-password
+        authentication with frontend clients to get the password in palin text form
+        from the client and use it for backend authentication.
+	  </para>
+	  <para>
+	      Default is <literal>false</literal>
+	  </para>
+	  <para>
+	    This parameter can be changed by reloading
+	    the <productname>Pgpool-II</productname> configurations.
+	  </para>
+      <note>
+        <para>
+          <literal>allow_clear_text_frontend_auth</literal> only works when <xref linkend="guc-enable-pool-hba"> is not enabled
+        </para>
+      </note>
+	</listitem>
+      </varlistentry>
+
       <varlistentry id="guc-authentication-timeout" xreflabel="authentication_timeout">
 	<term><varname>authentication_timeout</varname> (<type>integer</type>)
 	  <indexterm>