| From: | Hari Babu <haribabu(dot)kommi(at)huawei(dot)com> |
|---|---|
| To: | "'Dave Cramer'" <pg(at)fastcrypt(dot)com> |
| Cc: | "'List'" <pgsql-jdbc(at)postgresql(dot)org> |
| Subject: | Re: JDBC connection test with SSL on PG 9.2.1 server |
| Date: | 2013-01-29 05:09:45 |
| Message-ID: | 00a401cdfdde$db9737e0$92c5a7a0$@kommi@huawei.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-jdbc |
On Monday, January 28, 2013 10:20 PM, Dave Cramer wrote:
>>On Mon, Jan 28, 2013 at 9:03 AM, Hari Babu < <mailto:haribabu(dot)kommi(at)huawei(dot)com> haribabu(dot)kommi(at)huawei(dot)com> wrote:
>>While testing PostgreSQL JDBC java client to connect to the PG 9.2.1
>>database server using SSL.
>>we got the following behavior.
>>
>>The test steps as below:
>>
>>url = "jdbc:postgresql://" + "10.145.98.227" + ':'
>> + "8707" + '/'
>> + "POSTGRES";
>> Properties props = new Properties();
>> props.setProperty("user", "CLIENT");
>> props.setProperty("password", "1234(at)QWER");
>> props.setProperty("ssl", "true");
>>
>> System.setProperty("javax.net.ssl.trustStore", "193store");
>> System.setProperty("javax.net.ssl.keyStore", "193client.jks");
>> System.setProperty("javax.net.ssl.trustStorePassword", "qwerty");
>> System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");
>>
>> /*Begin the first ssl connection*/
>> conn1 = DriverManager.getConnection(url, props);
>> System.out.println("Connection1 successful!");
>>
>>
>> System.setProperty("javax.net.ssl.trustStore", "193store");
>> System.setProperty("javax.net.ssl.keyStore", "193client.jks");
>> System.setProperty("javax.net.ssl.trustStorePassword", "qwerty");
>> System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");
>>
>> /*Begin the second ssl connection*/
>> conn2 = DriverManager.getConnection(url, props);
>> System.out.println("Connection2 successful!");
>>
>>Before first connection we set
>>"System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");" qwerty is
>>the right password
>>and before second SSL connection we set
>>"System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");"
>>wrongpassword is the wrong password.
>>
>>we expect the first SSL connection will be successful and second failed
>>because of wrong password, but actually we get two successful SSL
>>connections.
>>We found that if the first SSL connections password set right, all the
>>following SSL connections are fine ,even set wrong keystroke password.
>>
>>1. Is this a defect about JDBC?
>>2. Is it SSL behavior to authenticate only once?
>>3. Is it system property behavior can be set only once.
>>4. Is it because of any other problems?
>>
>>please give your suggestions?
>JDBC uses java's SSL infrastructure, as such I don't think it's a defect in JDBC. It could be because your truststore >does not require a password.
I removed the trustStorePassword setting from the test, still the second connection is getting success with the wrong
keyStorePassword.
Regards,
Hari babu.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Hari Babu | 2013-01-29 05:24:51 | JDBC connection test with SSL on PG 9.2.1 server |
| Previous Message | Bob Futrelle | 2013-01-28 22:42:01 | Re: JDBC - Need to declare variables for values in insert statement |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Chen Huajun | 2013-01-29 05:43:18 | Re: [BUGS]log can not be output when use DataSource |
| Previous Message | dmp | 2013-01-28 23:00:42 | Re: Bug report: NullPointerException from Driver.connect when passed a Properties with non-string values |