From: Fernando Nasser <fnasser@redhat.com>
To: Wei Tjioe <wtjioe@cs.toronto.edu>
Cc: rhdb@sources.redhat.com
Subject: Re: problem with Configuring a Connection to a Database using Visual Explain
Date: Thu, 02 Oct 2003 20:07:00 -0000 [thread overview]
Message-ID: <3F7C859C.4060604@redhat.com> (raw)
In-Reply-To: <Pine.GSO.4.58.0310012121530.10907@qew.cs>
Wei,
The client side (in this case JDBC) is not aware of how the server stores it's
passwords. They are sent clear text with either 'password' or 'md5' -- they are
stored encrypted in the server. If you need more security and don't want clear
text passwords on the network make the connection using SSL. The JDBC driver
supports SSL connection for some time now.
W.r.t. your connection problem, the message may be misleading. The reason that
cause the password authentication to fail may have been a communication problem.
Check if you have the line:
tcpip_socket = true
in your postgresql.conf file (in the PGDATA directory).
Java (and JDBC) cannot connect using Unix sockets, so you must be accepting
TCP/IP connections.
Regards,
Fernando
Wei Tjioe wrote:> Another observation with Visual Explain is on how it treats
PASSWORD
> authentication.
>
> For example: in pg_hba.conf
>
> local all md5
> host all 127.0.0.1 255.255.255.255 md5
>
> This causes Visual Explain to refuse connection based on Password
> (although connection request through psql, both local and -h, succeeded).
>
> Test 1: Driver
> PASSED
>
> Test 2: Connection
> FAILED
> Unable to connect to database.
> Reason: Something ....Please report this exception: Exception:
> java.sql.SQLException: FATAL 1:
> Password authentication failed for use "me"
>
>
> When authentication is switched to clear text:
>
> local all md5
> host all 127.0.0.1 255.255.255.255 password
>
> [root@darwin data]# pg_ctl reload
> postmaster successfully signaled
> ...
>
> Visual Explain connects to database successfully.
>
> Testing Database Connection: testdb
> Test1: Driver
> PASSED
>
> Test2: Connection
> PASSED
>
>
> If there's a safer alternative, please post.
>
>
> Wei
>
>
--
Fernando Nasser
Red Hat - Toronto E-Mail: fnasser@redhat.com
2323 Yonge Street, Suite #300
Toronto, Ontario M4P 2C9
next prev parent reply other threads:[~2003-10-02 20:07 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-10-02 1:39 Wei Tjioe
2003-10-02 20:07 ` Fernando Nasser [this message]
2003-10-02 20:28 ` Wei Tjioe
2003-10-02 21:13 ` Fernando Nasser
2003-10-02 22:44 ` Wei Tjioe
2003-10-03 0:41 ` Fernando Nasser
2003-10-03 1:16 ` Wei Tjioe
2003-10-03 1:53 ` Fernando Nasser
2003-10-03 2:21 ` Wei Tjioe
-- strict thread matches above, loose matches on Subject: below --
2003-09-18 8:25 huwang wang
2003-09-18 14:36 ` Patrick Macdonald
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F7C859C.4060604@redhat.com \
--to=fnasser@redhat.com \
--cc=rhdb@sources.redhat.com \
--cc=wtjioe@cs.toronto.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).