Re: Change authentication error message (patch)

On 06/18/2013 02:25 AM, Markus Wanner wrote:
>
> On 06/16/2013 06:02 PM, Joshua D. Drake wrote:
>> Instead of pushing extra info to the logs I decided that we could
>> without giving away extra details per policy. I wrote the error message
>> in a way that tells the most obvious problems, without admitting to any
>> of them. Please see attached:
>
> +1 for solving this with a bit of word-smithing.
>
> However, the proposed wording doesn't sound like a full sentence to my
> ears, because a password or username cannot fail per-se.

I believe it actually can. The error message that is returned for a bad
password, bad user or expired password is all the same. Which is why I
put the username in there.

>
> How about:
> "password authentication failed or account expired for user \"%s\""
>
> It's a bit longer, but sounds more like a full sentence, no?

Yes but I don't think it is accurate, what about:

"Authentication failed or password has expired for user \"%s\""

Authentication failed covers any combination of a username/password
being wrong and obviously password expired covers the other.

Sincerely,

Joshua D. Drake

>
> Regards
>
> Markus Wanner
>

--
Command Prompt, Inc. - http://www.commandprompt.com/ 509-416-6579
PostgreSQL Support, Training, Professional Services and Development
High Availability, Oracle Conversion, Postgres-XC, @cmdpromptinc
For my dreams of your image that blossoms
a rose in the deeps of my heart. - W.B. Yeats