| From: | dmp <danap(at)ttc-cmc(dot)net> |
|---|---|
| To: | pgsql-jdbc(at)postgresql(dot)org |
| Subject: | Re: JDBC connection test with SSL on PG 9.2.1 server |
| Date: | 2013-01-29 16:56:07 |
| Message-ID: | 5107FF27.701@ttc-cmc.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-jdbc |
Hello Hari,
Can you please set the property logLevel=1, INFO
and then reply back with the output. You may also
try logLevel=2, DEBUG for additional information.
danap.
Hari Babu wrote:
> On Monday, January 28, 2013 10:20 PM, Dave Cramer wrote:
>
> >>On Mon, Jan 28, 2013 at 9:03 AM, Hari Babu <haribabu(dot)kommi(at)huawei(dot)com
> <mailto:haribabu(dot)kommi(at)huawei(dot)com>> wrote:
>
> >>While testing PostgreSQL JDBC java client to connect to the PG 9.2.1
> >>database server using SSL.
> >>we got the following behavior.
> >>
> >>The test steps as below:
> >>
> >>url = "jdbc:postgresql://" + "10.145.98.227" + ':'
> >> + "8707" + '/'
> >> + "POSTGRES";
> >> Properties props = new Properties();
> >> props.setProperty("user", "CLIENT");
> >> props.setProperty("password", "1234(at)QWER");
> >> props.setProperty("ssl", "true");
> >>
> >> System.setProperty("javax.net.ssl.trustStore", "193store");
> >> System.setProperty("javax.net.ssl.keyStore", "193client.jks");
> >> System.setProperty("javax.net.ssl.trustStorePassword", "qwerty");
> >> System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");
> >>
> >> /*Begin the first ssl connection*/
> >> conn1 = DriverManager.getConnection(url, props);
> >> System.out.println("Connection1 successful!");
> >>
> >>
> >> System.setProperty("javax.net.ssl.trustStore", "193store");
> >> System.setProperty("javax.net.ssl.keyStore", "193client.jks");
> >> System.setProperty("javax.net.ssl.trustStorePassword", "qwerty");
> >> System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");
> >>
> >> /*Begin the second ssl connection*/
> >> conn2 = DriverManager.getConnection(url, props);
> >> System.out.println("Connection2 successful!");
> >>
> >>Before first connection we set
> >>"System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");"
> qwerty is
> >>the right password
> >>and before second SSL connection we set
> >>"System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");"
> >>wrongpassword is the wrong password.
> >>
> >>we expect the first SSL connection will be successful and second failed
> >>because of wrong password, but actually we get two successful SSL
> >>connections.
> >>We found that if the first SSL connections password set right, all the
> >>following SSL connections are fine ,even set wrong keystroke password.
> >>
> >>1. Is this a defect about JDBC?
> >>2. Is it SSL behavior to authenticate only once?
> >>3. Is it system property behavior can be set only once.
> >>4. Is it because of any other problems?
> >>
> >>please give your suggestions?
>
> >JDBC uses java's SSL infrastructure, as such I don't think it's a
> defect in JDBC. It could be because your truststore >does not require a
> password.
>
> I removed the trustStorePassword setting from the test, still the second
> connection is getting success with the wrong
>
> keyStorePassword.
>
> Regards,
>
> Hari babu.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | yatler sahri | 2013-01-29 18:12:56 | |
| Previous Message | Tom Lane | 2013-01-29 16:43:07 | Re: inet/cidr ipv6 operations |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Cramer | 2013-01-29 16:59:12 | Re: Bug report: NullPointerException from Driver.connect when passed a Properties with non-string values |
| Previous Message | dmp | 2013-01-29 16:54:10 | Re: Bug report: NullPointerException from Driver.connect when passed a Properties with non-string values |