Participants
Daniel
Daniel
Tom Lane
Tom Lane
Chris
Chris
Scott Marlowe
Scott Marlowe
Attachments
Show all attachments
Thread Outline
#1DanielDaniel
Dec 03, 2009
#2Tom LaneTom Laneto Daniel (#1)
Dec 03, 2009
#3ChrisChristo Daniel (#1)
Dec 03, 2009
#4...#5
DanielScott Marlowe
to Daniel (#1)
Dec 03, 2009
#4DanielDanielto Daniel (#1)
Dec 03, 2009
#5Scott MarloweScott Marloweto Daniel (#4)
Dec 03, 2009

Strange. I can logon with an invalid or no password atall

Started by Danielover 16 years ago5 messagesgeneral
Jump to latest
#1Daniel
Daniel
danwgrace@gmail.com

My program is reporting "Logged on." even if I enter an invalid or no
password atall.
Here is my login function and below is the function that calls it:

bool DBConn::Connect(const std::string &host, const std::string
&user,
const std::string &pass)
// Connects to the database
{
std::string cs = "hostaddr = '" + host +
"' port = '' dbname = 'TBDB' user = '" + user +
"' password = '" + pass + "' connect_timeout = '10'";
pg_conn = PQconnectdb(cs.c_str());
if (!pg_conn)
return false;
if (PQstatus(pg_conn) != CONNECTION_OK)
return false;
return true;
}

void TBClientFrame::Login(const wxString &user, const wxString &pass)
{
std::string host("127.0.0.1");
std::string user_str = std::string(user.mb_str(*wxConvCurrent));
std::string pass_str = std::string(pass.mb_str(*wxConvCurrent));
if (db_conn.Connect(host, user_str, pass_str))
wxMessageBox(wxT("Logged on."), wxT("Client Info."));
else
{
fprintf(stderr, "%s", db_conn.ErrorMsg());
}
}

It does report an error if the user name is invalid. What could cause
this strange behaviour.

#2Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: Daniel (#1)
Re: Strange. I can logon with an invalid or no password atall

Daniel <danwgrace@gmail.com> writes:

My program is reporting "Logged on." even if I enter an invalid or no
password atall.

You sure the server is configured to ask for a password?

http://www.postgresql.org/docs/8.4/static/client-authentication.html

regards, tom lane

#3Chris
Chris
dmagick@gmail.com
In reply to: Daniel (#1)
Re: Strange. I can logon with an invalid or no password atall

void TBClientFrame::Login(const wxString &user, const wxString &pass)
{
std::string host("127.0.0.1");
std::string user_str = std::string(user.mb_str(*wxConvCurrent));
std::string pass_str = std::string(pass.mb_str(*wxConvCurrent));
if (db_conn.Connect(host, user_str, pass_str))
wxMessageBox(wxT("Logged on."), wxT("Client Info."));
else
{
fprintf(stderr, "%s", db_conn.ErrorMsg());
}
}

It does report an error if the user name is invalid. What could cause
this strange behaviour.

What is in your pg_hba.conf file?

Seems like you've got it set to 'trust' for (at least) 127.0.0.1 - try
changing that to 'md5' and restarting postgres.

--
Postgresql & php tutorials
http://www.designmagick.com/

#4Daniel
Daniel
danwgrace@gmail.com
In reply to: Daniel (#1)
Re: Strange. I can logon with an invalid or no password atall

Thanks. I did not realise it was so configurable.

#5Scott Marlowe
Scott Marlowe
scott.marlowe@gmail.com
In reply to: Daniel (#4)
Re: Strange. I can logon with an invalid or no password atall

Better too many options than not enough eh?

On Thu, Dec 3, 2009 at 2:47 PM, Daniel <danwgrace@gmail.com> wrote:

Thanks.  I did not realise it was so configurable.

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

--
When fascism comes to America, it will be intolerance sold as diversity.

← Back to Topics