Re: JDBC connection test with SSL on PG 9.2.1 server

Поиск
Список
Период
Сортировка
От Dave Cramer
Тема Re: JDBC connection test with SSL on PG 9.2.1 server
Дата
Msg-id CADK3HHLO-eup0et0nh85sZ=urfhsa=pqqGr8xJ+GpRZGBAC9+A@mail.gmail.com
обсуждение исходный текст
Ответ на JDBC connection test with SSL on PG 9.2.1 server  (Hari Babu <haribabu.kommi@huawei.com>)
Ответы Re: JDBC connection test with SSL on PG 9.2.1 server
Список pgsql-jdbc
Дерево обсуждения
Hari,

JDBC uses java's SSL infrastructure, as such I don't think it's a defect in JDBC. It could be because your truststore does not require a password.



Dave Cramer

dave.cramer(at)credativ(dot)ca
http://www.credativ.ca


On Mon, Jan 28, 2013 at 9:03 AM, Hari Babu <haribabu.kommi@huawei.com> wrote:
While testing PostgreSQL JDBC java client to connect to the PG 9.2.1
database server using SSL.
we got the following behavior.

The test steps as below:

url = "jdbc:postgresql://" + "10.145.98.227" + ':'
            + "8707" + '/'
            + "POSTGRES";
    Properties props = new Properties();
    props.setProperty("user", "CLIENT");
    props.setProperty("password", "1234@QWER");
    props.setProperty("ssl", "true");

      System.setProperty("javax.net.ssl.trustStore", "193store");
      System.setProperty("javax.net.ssl.keyStore", "193client.jks");
      System.setProperty("javax.net.ssl.trustStorePassword", "qwerty");
    System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");

    /*Begin the first ssl connection*/
    conn1 = DriverManager.getConnection(url, props);
    System.out.println("Connection1 successful!");


      System.setProperty("javax.net.ssl.trustStore", "193store");
      System.setProperty("javax.net.ssl.keyStore", "193client.jks");
      System.setProperty("javax.net.ssl.trustStorePassword", "qwerty");
    System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");

    /*Begin the second ssl connection*/
    conn2 = DriverManager.getConnection(url, props);
    System.out.println("Connection2 successful!");

Before first connection we set
"System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");" qwerty is
the right password
and before second SSL connection we set
"System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");"
wrongpassword is the wrong password.

we expect  the first SSL connection will be successful and second failed
because of wrong password, but actually we get two successful SSL
connections.
We found that  if the first SSL connections password set right, all the
following SSL connections are fine ,even set wrong keystroke password.

1. Is this a defect about JDBC?
2. Is it SSL behavior to authenticate only once?
3. Is it system property behavior can be set only once.
4. Is it because of any other problems?

please give your suggestions?

Regards,
Hari babu.



--
Sent via pgsql-jdbc mailing list (pgsql-jdbc@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-jdbc

В списке pgsql-jdbc по дате отправления:

Предыдущее
От: Hari Babu
Дата:
Сообщение: JDBC connection test with SSL on PG 9.2.1 server
Следующее
От: Nathaniel Waisbrot
Дата:
Сообщение: Bug report: NullPointerException from Driver.connect when passed a Properties with non-string values