JDBC Driver Authentication Bug
Cheeren Shieh (cheeren@cheeren.com) reports a bug with a severity of 2
The lower the number the more severe it is.
Short Description
JDBC Driver Authentication Bug
Long Description
If the userid is valid, even though null password or wrong password is sent to server with JDBC Driver, the authentication still pass!
What is a terrible bug!
The JDBC Driver is "jdbc7.0-1.2.jar".
Sample Code
No file was uploaded with this report
pgsql-bugs@postgresql.org wrote:
If the userid is valid, even though null password or wrong password is sent to server with JDBC Driver, the authentication still pass!
What is a terrible bug!
Check ~postgres/data/pg_hba.conf
By default AuthenticationType for localhost connections is TRUST. You
have to set it
to PASSWORD
cu
--
Nabil Sayegh
Sorry for the delay.
What is the setting in pg_hba.conf? It sounds like this is set to trust
which would produce this affect.
Peter
----- Original Message -----
From: <pgsql-bugs@postgresql.org>
To: <pgsql-bugs@postgresql.org>
Sent: Saturday, December 16, 2000 4:04 AM
Subject: [BUGS] JDBC Driver Authentication Bug
Cheeren Shieh (cheeren@cheeren.com) reports a bug with a severity of 2
The lower the number the more severe it is.Short Description
JDBC Driver Authentication BugLong Description
If the userid is valid, even though null password or wrong password is
sent to server with JDBC Driver, the authentication still pass!
Show quoted text
What is a terrible bug!
The JDBC Driver is "jdbc7.0-1.2.jar".Sample Code
No file was uploaded with this report