Tom Lane wrote: > Bruce Momjian <pgman@candle.pha.pa.us> writes: > > I turned on passwords and did see duplicate connections: > > > LOG: connection received: host=[local] > > LOG: connection received: host=[local] > > LOG: connection authorized: user=postgres database=test > > LOG: disconnection: session time: 0:00:00.61 user=postgres > > database=test host=[local] > > > Basically psql first tries with no password, then when it fails asking > > for a password, it prompts for one and connects. You will notice only > > one "authorized:" message. I think that is the real "connection" line, > > rather than the "recevied" lines. Not sure how we can improve this. We > > could print an "authorization failed" message. Would that help, or just > > be overkill? > > I think that would get people more worried rather than less so --- > psql's customary behavior would make it look like you were being > regularly attacked by password guessers :-(. We do already log the > error message in the cases where a password is actually supplied > and is wrong, so an additional message doesn't seem very helpful. > > One answer is to downgrade the "connection received" to a DEBUGn > message, so that it's only seen by those who presumably have something > of a clue. I don't really care for this, but you could certainly argue > that the other messages are sufficient for normal purposes.
I personally think the current behavior is fine. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 3: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faq
