Re: Bad error message on valuntil

On 6/7/13 2:57 PM, Tom Lane wrote:
> "Joshua D. Drake" <jd@commandprompt.com> writes:
>> I had a customer pulling their hair out today because they couldn't 
>> login to their system. The error was consistently:
> 
>> 2013-06-07 08:42:44 MST postgres 10.1.11.67 27440 FATAL:  password
>> authentication failed for user "user
> 
>> However the problem had nothing to do with password authentication. It 
>> was because the valuntil on the user had been set till a date in the 
>> past. Now technically if we just removed the word "password" from the 
>> error it would be accurate but it seems it would be better to say, 
>> "FATAL: the user "user" has expired".
> 
> I think it's intentional that we don't tell the *client* that level of
> detail.  I could see emitting a log message about it, but it's not clear
> whether that will help an unsophisticated user.

Usually, when I log in somewhere and the password is expired, it tells
me that the password is expired.  I don't think we gain anything by
hiding that from the user.