| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Bad error message on valuntil |
| Date: | 2013-06-19 15:24:15 |
| Message-ID: | 51C1CD1F.4070609@gmx.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 6/7/13 2:57 PM, Tom Lane wrote:
> "Joshua D. Drake" <jd(at)commandprompt(dot)com> writes:
>> I had a customer pulling their hair out today because they couldn't
>> login to their system. The error was consistently:
>
>> 2013-06-07 08:42:44 MST postgres 10.1.11.67 27440 FATAL: password
>> authentication failed for user "user
>
>> However the problem had nothing to do with password authentication. It
>> was because the valuntil on the user had been set till a date in the
>> past. Now technically if we just removed the word "password" from the
>> error it would be accurate but it seems it would be better to say,
>> "FATAL: the user "user" has expired".
>
> I think it's intentional that we don't tell the *client* that level of
> detail. I could see emitting a log message about it, but it's not clear
> whether that will help an unsophisticated user.
Usually, when I log in somewhere and the password is expired, it tells
me that the password is expired. I don't think we gain anything by
hiding that from the user.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2013-06-19 15:26:41 | Re: Bugfix and new feature for PGXS |
| Previous Message | Yacov Wolfowicz | 2013-06-19 14:38:36 | Push down |