Re: Bad error message on valuntil
| От | Joshua D. Drake |
|---|---|
| Тема | Re: Bad error message on valuntil |
| Дата | |
| Msg-id | 51B37A24.3040509@commandprompt.com обсуждение исходный текст |
| Ответ на | Re: Bad error message on valuntil (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
On 06/07/2013 12:31 PM, Tom Lane wrote:
> "Joshua D. Drake" <jd@commandprompt.com> writes:
>> On 06/07/2013 11:57 AM, Tom Lane wrote:
>>> I think it's intentional that we don't tell the *client* that level of
>>> detail.
>
>> Why? That seems rather silly.
>
> The general policy on authentication failure reports is that we don't
> tell the client anything it doesn't know already about what the auth
> method is. We can log additional info into the postmaster log if it
I was looking at the code and I saw this catchall:
default: errstr = gettext_noop("authentication failed
for user \"%s\": invalid authentication method"); break;
I think we could make the argument that if valuntil is expired that the
authentication method is invalid. Thoughts?
Else I am trying to come up with some decent wording... something like:
Authentication failed: not all authentication tokens were met
?
В списке pgsql-hackers по дате отправления: