| From: | Adrian Klaver <adrian(dot)klaver(at)gmail(dot)com> |
|---|---|
| To: | Hari Babu <haribabu(dot)kommi(at)huawei(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: JDBC connection test with SSL on PG 9.2.1 server |
| Date: | 2013-01-29 15:22:29 |
| Message-ID: | 5107E935.7070601@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 01/28/2013 09:24 PM, Hari Babu wrote:
> While testing PostgreSQL JDBC java client to connect to the PG 9.2.1
> database server using SSL.
> we got the following behavior.
>
> The test steps as below:
>
> url = "jdbc:postgresql://" + "10.145.98.227" + ':'
> + "8707" + '/'
> + "POSTGRES";
> Properties props = new Properties();
> props.setProperty("user", "CLIENT");
> props.setProperty("password", "1234(at)QWER");
> props.setProperty("ssl", "true");
>
> System.setProperty("javax.net.ssl.trustStore", "193store");
> System.setProperty("javax.net.ssl.keyStore", "193client.jks");
> System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");
>
> /*Begin the first ssl connection*/
> conn1 = DriverManager.getConnection(url, props);
> System.out.println("Connection1 successful!");
>
>
> System.setProperty("javax.net.ssl.trustStore", "193store");
> System.setProperty("javax.net.ssl.keyStore", "193client.jks");
> System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");
>
> /*Begin the second ssl connection*/
> conn2 = DriverManager.getConnection(url, props);
> System.out.println("Connection2 successful!");
>
> Before first connection we set
> "System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");" qwerty is
> the right password
> and before second SSL connection we set
> "System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");"
> wrongpassword is the wrong password.
>
> we expect the first SSL connection will be successful and second failed
> because of wrong password, but actually we get two successful SSL
> connections.
> We found that if the first SSL connections password set right, all the
> following SSL connections are fine ,even set wrong keystroke password.
>
> 1. Is this a defect about JDBC?
> 2. Is it SSL behavior to authenticate only once?
> 3. Is it system property behavior can be set only once.
> 4. Is it because of any other problems?
>
> please give your suggestions?
Take a look at this section of the manual:
http://www.postgresql.org/docs/9.2/interactive/client-authentication.html
I would start with the section on pg_hba:
http://www.postgresql.org/docs/9.2/interactive/auth-pg-hba-conf.html
My guess is if you look in the pg_hba.conf file for your server you do
not have password authentication set up for the connections you are making.
>
> Regards,
> Hari babu.
>
>
>
--
Adrian Klaver
adrian(dot)klaver(at)gmail(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Chris Angelico | 2013-01-29 15:27:32 | Re: inet/cidr ipv6 operations |
| Previous Message | Tom Lane | 2013-01-29 15:16:20 | Re: inet/cidr ipv6 operations |