From: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
---|---|
To: | Rama Krishnan <raghuldrag(at)gmail(dot)com> |
Cc: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Valid until |
Date: | 2024-05-18 14:48:02 |
Message-ID: | 30b136fe-2b04-4251-96ea-0faf60acd5bf@aklaver.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On 5/18/24 03:09, Rama Krishnan wrote:
Reply to list also.
Ccing list
>
> Hi Adrian,
>
> I have modified the pg_hba entry from trust to md5 like below
>
> ```
> local all all md5
That would be the issue. trust ignores the password check.
>
> ```
>
>
> When i have tired with postgres user I am able to connect
Which is expected as postgres does not have a 'valid until' restriction.
>
>
> [postgres(at)postgres16 data]$ psql -U postgres -d postgres
> Password for user postgres:
> psql (16.2)
> Type "help" for help.
>
>
>
> postgres=# \du
> List of roles
> Role name | Attributes
> ------------+------------------------------------------------------------
> pgbackrest | Replication
> postgres | Superuser, Create role, Create DB, Replication, Bypass RLS
> test | Password valid until 2023-05-13 00:00:00+00
> user_name | Password valid until 2024-05-13 00:00:00+00
>
>
>
> But when i tried with test or user_name user even though I am passing
> the correct value I am getting this error
Again as expected as the 'valid until' timestamp is in the past.
>
>
> ```
> [postgres(at)postgres16 data]$ psql -U test -d postgres
> Password for user test:
> psql: error: connection to server on socket
> "/run/postgresql/.s.PGSQL.5432" failed: FATAL: password authentication
> failed for user "test"
>
> postgres=# \c postgres user_name
> Password for user user_name:
> connection to server on socket "/run/postgresql/.s.PGSQL.5432" failed:
> FATAL: password authentication failed for user "user_name"
>
> ```
>
> Once i done the changes the valid until expiration date
>
> ```
>
> postgres=# alter user test VALID UNTIL '2024-05-19';
> ALTER ROLE
>
> postgres=> \du
> List of roles
> Role name | Attributes
> ------------+------------------------------------------------------------
> pgbackrest | Replication
> postgres | Superuser, Create role, Create DB, Replication, Bypass RLS
> test | Password valid until 2024-05-19 00:00:00+00
> user_name | Password valid until 2024-05-13 00:00:00+00
> ```
>
> Finally it allows to connect test
Which is correct as the 'valid until' timestamp is in the future.
>
> ```
>
> [postgres(at)postgres16 data]$ psql -d postgres -U test
> Password for user test:
> psql (16.2)
>
> ```
>
> I believe this is a expected output of validunitl , Please correct me if
> i m wrong
The behavior is as referenced in the documentation:
https://www.postgresql.org/docs/current/sql-createrole.html
VALID UNTIL 'timestamp'
The VALID UNTIL clause sets a date and time after which the role's
password is no longer valid. If this clause is omitted the password will
be valid for all time.
>
>
> Regards
>
> A.Rama Krishnan
>
--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com
From | Date | Subject | |
---|---|---|---|
Next Message | Troels Arvin | 2024-05-18 14:48:36 | Re: utf8 vs UTF-8 |
Previous Message | Rich Shepard | 2024-05-18 14:46:39 | Re: Left join syntax error |