On 06/07/2013 11:57 AM, Tom Lane wrote:
"Joshua D. Drake" <j...@commandprompt.com> writes:
I had a customer pulling their hair out today because they couldn't
login to their system. The error was consistently:
2013-06-07 08:42:44 MST postgres 10.1.11.67 27440 FATAL: password
authentication failed for user "user
However the problem had nothing to do with password authentication. It
was because the valuntil on the user had been set till a date in the
past. Now technically if we just removed the word "password" from the
error it would be accurate but it seems it would be better to say,
"FATAL: the user "user" has expired".
I think it's intentional that we don't tell the *client* that level of
detail.
Why? That seems rather silly.
I could see emitting a log message about it, but it's not clear
whether that will help an unsophisticated user.
This is not an unsophisticated user. They tried resetting the password,
even changing the username to lowercase in case it was some weird
folding issue. Granted they didn't check pg_user but then again, I
didn't at first either because, well the error was rather obvious until
it wasn't.
Sincerely,
JD
regards, tom lane
--
Command Prompt, Inc. - http://www.commandprompt.com/ 509-416-6579
PostgreSQL Support, Training, Professional Services and Development
High Availability, Oracle Conversion, Postgres-XC, @cmdpromptinc
For my dreams of your image that blossoms
a rose in the deeps of my heart. - W.B. Yeats
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
