Postgres Pro
Downloads
Home   >   mailing lists

Re: JDBC connection test with SSL on PG 9.2.1 server - Mailing list pgsql-general

From Adrian Klaver
Subject Re: JDBC connection test with SSL on PG 9.2.1 server
Date
Msg-id 5107E935.7070601@gmail.com
Whole thread Raw
In response to JDBC connection test with SSL on PG 9.2.1 server  (Hari Babu <haribabu.kommi@huawei.com>)
List pgsql-general
Tree view 
On 01/28/2013 09:24 PM, Hari Babu wrote:
> While testing PostgreSQL JDBC java client to connect to the PG 9.2.1
> database server using SSL.
> we got the following behavior.
>
> The test steps as below:
>
> url = "jdbc:postgresql://" + "10.145.98.227" + ':'
>              + "8707" + '/'
>              + "POSTGRES";
>      Properties props = new Properties();
>      props.setProperty("user", "CLIENT");
>      props.setProperty("password", "1234@QWER");
>      props.setProperty("ssl", "true");
>
>        System.setProperty("javax.net.ssl.trustStore", "193store");
>        System.setProperty("javax.net.ssl.keyStore", "193client.jks");
>      System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");
>
>      /*Begin the first ssl connection*/
>      conn1 = DriverManager.getConnection(url, props);
>      System.out.println("Connection1 successful!");
>
>
>        System.setProperty("javax.net.ssl.trustStore", "193store");
>        System.setProperty("javax.net.ssl.keyStore", "193client.jks");
>      System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");
>
>      /*Begin the second ssl connection*/
>      conn2 = DriverManager.getConnection(url, props);
>      System.out.println("Connection2 successful!");
>
> Before first connection we set
> "System.setProperty("javax.net.ssl.keyStorePassword", "qwerty");" qwerty is
> the right password
> and before second SSL connection we set
> "System.setProperty("javax.net.ssl.keyStorePassword", "wrongpassword");"
> wrongpassword is the wrong password.
>
> we expect  the first SSL connection will be successful and second failed
> because of wrong password, but actually we get two successful SSL
> connections.
> We found that  if the first SSL connections password set right, all the
> following SSL connections are fine ,even set wrong keystroke password.
>
> 1. Is this a defect about JDBC?
> 2. Is it SSL behavior to authenticate only once?
> 3. Is it system property behavior can be set only once.
> 4. Is it because of any other problems?
>
> please give your suggestions?

Take a look at this section of the manual:

http://www.postgresql.org/docs/9.2/interactive/client-authentication.html

I would start with the section on pg_hba:

http://www.postgresql.org/docs/9.2/interactive/auth-pg-hba-conf.html


My guess is if you look in the pg_hba.conf file for your server you do
not have password authentication set up for the connections you are making.


>
> Regards,
> Hari babu.
>
>
>


--
Adrian Klaver
adrian.klaver@gmail.com

pgsql-general by date:

Previous
From: Tom Lane
Date:
Subject: Re: inet/cidr ipv6 operations
Next
From: Chris Angelico
Date:
Subject: Re: inet/cidr ipv6 operations