github.com/cockroachdb/cockroach@v20.2.0-alpha.1+incompatible/pkg/sql/pgwire/testdata/auth/conn_log (about) 1 config secure 2 ---- 3 4 sql 5 CREATE USER userpw WITH PASSWORD 'pass'; 6 CREATE USER usernopw; 7 ALTER USER root WITH PASSWORD 'secureabc'; 8 CREATE USER trusted; 9 CREATE USER usernologin WITH NOLOGIN PASSWORD '123'; 10 CREATE USER userexpired WITH PASSWORD '123' VALID UNTIL '2000-01-01' 11 12 ---- 13 ok 14 15 set_hba 16 host all trusted all trust # custom 17 host all all all cert-password # built-in CockroachDB default 18 local all trusted reject # custom 19 local all all password # built-in CockroachDB default 20 ---- 21 # Active authentication configuration on this node: 22 # Original configuration: 23 # host all root all cert-password # CockroachDB mandatory rule 24 # host all trusted all trust # custom 25 # host all all all cert-password # built-in CockroachDB default 26 # local all trusted reject # custom 27 # local all all password # built-in CockroachDB default 28 # 29 # Interpreted configuration: 30 # TYPE DATABASE USER ADDRESS METHOD OPTIONS 31 host all root all cert-password 32 host all trusted all trust 33 host all all all cert-password 34 local all trusted reject 35 local all all password 36 37 subtest conn_tls 38 39 subtest conn_tls/root_user 40 41 connect user=root 42 ---- 43 ok defaultdb 44 45 46 authlog 6 47 .*disconnected 48 ---- 49 I: [n1,client=XXX] 5 received connection 50 I: [n1,client=XXX,hostssl,user=root] 6 connection matches HBA rule: host all root all cert-password # CockroachDB mandatory rule 51 I: [n1,client=XXX,hostssl,user=root] 7 client presented certificate, proceeding with certificate validation 52 I: [n1,client=XXX,hostssl,user=root] 8 authentication succeeded 53 I: [n1,client=XXX,hostssl,user=root] 9 session terminated; duration: XXX 54 I: [n1,client=XXX,hostssl] 10 disconnected; duration: XXX 55 56 connect user=root password=secureabc sslmode=require sslcert= sslkey= 57 ---- 58 ok defaultdb 59 60 authlog 6 61 .*disconnected 62 ---- 63 I: [n1,client=XXX] 11 received connection 64 I: [n1,client=XXX,hostssl,user=root] 12 connection matches HBA rule: host all root all cert-password # CockroachDB mandatory rule 65 I: [n1,client=XXX,hostssl,user=root] 13 no client certificate, proceeding with password authentication 66 I: [n1,client=XXX,hostssl,user=root] 14 authentication succeeded 67 I: [n1,client=XXX,hostssl,user=root] 15 session terminated; duration: XXX 68 I: [n1,client=XXX,hostssl] 16 disconnected; duration: XXX 69 70 connect user=root password=badpass sslmode=require sslcert= sslkey= 71 ---- 72 ERROR: password authentication failed for user root 73 74 authlog 6 75 .*disconnected 76 ---- 77 I: [n1,client=XXX] 17 received connection 78 I: [n1,client=XXX,hostssl,user=root] 18 connection matches HBA rule: host all root all cert-password # CockroachDB mandatory rule 79 I: [n1,client=XXX,hostssl,user=root] 19 no client certificate, proceeding with password authentication 80 I: [n1,client=XXX,hostssl,user=root] 20 authentication failed: password authentication failed for user root 81 I: [n1,client=XXX,hostssl,user=root] 21 session terminated; duration: XXX 82 I: [n1,client=XXX,hostssl] 22 disconnected; duration: XXX 83 84 85 subtest end 86 87 subtest conn_tls/trusted_user 88 89 connect user=trusted 90 ---- 91 ok defaultdb 92 93 authlog 5 94 .*disconnected 95 ---- 96 I: [n1,client=XXX] 23 received connection 97 I: [n1,client=XXX,hostssl,user=trusted] 24 connection matches HBA rule: host all trusted all trust # custom 98 I: [n1,client=XXX,hostssl,user=trusted] 25 authentication succeeded 99 I: [n1,client=XXX,hostssl,user=trusted] 26 session terminated; duration: XXX 100 I: [n1,client=XXX,hostssl] 27 disconnected; duration: XXX 101 102 subtest end 103 104 subtest conn_tls/regular_user 105 106 connect user=userpw password=pass 107 ---- 108 ok defaultdb 109 110 authlog 6 111 .*disconnected 112 ---- 113 I: [n1,client=XXX] 28 received connection 114 I: [n1,client=XXX,hostssl,user=userpw] 29 connection matches HBA rule: host all all all cert-password # built-in CockroachDB default 115 I: [n1,client=XXX,hostssl,user=userpw] 30 no client certificate, proceeding with password authentication 116 I: [n1,client=XXX,hostssl,user=userpw] 31 authentication succeeded 117 I: [n1,client=XXX,hostssl,user=userpw] 32 session terminated; duration: XXX 118 I: [n1,client=XXX,hostssl] 33 disconnected; duration: XXX 119 120 connect user=userpw password=badpass 121 ---- 122 ERROR: password authentication failed for user userpw 123 124 authlog 6 125 .*disconnected 126 ---- 127 I: [n1,client=XXX] 34 received connection 128 I: [n1,client=XXX,hostssl,user=userpw] 35 connection matches HBA rule: host all all all cert-password # built-in CockroachDB default 129 I: [n1,client=XXX,hostssl,user=userpw] 36 no client certificate, proceeding with password authentication 130 I: [n1,client=XXX,hostssl,user=userpw] 37 authentication failed: password authentication failed for user userpw 131 I: [n1,client=XXX,hostssl,user=userpw] 38 session terminated; duration: XXX 132 I: [n1,client=XXX,hostssl] 39 disconnected; duration: XXX 133 134 subtest end 135 136 subtest conn_tls/no_password 137 138 connect user=usernopw 139 ---- 140 ERROR: password authentication failed for user usernopw 141 142 authlog 7 143 .*disconnected 144 ---- 145 I: [n1,client=XXX] 40 received connection 146 I: [n1,client=XXX,hostssl,user=usernopw] 41 connection matches HBA rule: host all all all cert-password # built-in CockroachDB default 147 I: [n1,client=XXX,hostssl,user=usernopw] 42 no client certificate, proceeding with password authentication 148 I: [n1,client=XXX,hostssl,user=usernopw] 43 user has no password defined 149 I: [n1,client=XXX,hostssl,user=usernopw] 44 authentication failed: password authentication failed for user usernopw 150 I: [n1,client=XXX,hostssl,user=usernopw] 45 session terminated; duration: XXX 151 I: [n1,client=XXX,hostssl] 46 disconnected; duration: XXX 152 153 154 subtest end 155 156 157 subtest end 158 159 subtest conn_unix 160 161 subtest conn_unix/root_user 162 163 connect_unix user=root password=secureabc 164 ---- 165 ok defaultdb 166 167 authlog 5 168 .*disconnected 169 ---- 170 I: [n1,client=XXX] 47 received connection 171 I: [n1,client=XXX,local,user=root] 48 connection matches HBA rule: local all all password # built-in CockroachDB default 172 I: [n1,client=XXX,local,user=root] 49 authentication succeeded 173 I: [n1,client=XXX,local,user=root] 50 session terminated; duration: XXX 174 I: [n1,client=XXX,local] 51 disconnected; duration: XXX 175 176 connect_unix user=root password=badpass 177 ---- 178 ERROR: password authentication failed for user root 179 180 authlog 5 181 .*disconnected 182 ---- 183 I: [n1,client=XXX] 52 received connection 184 I: [n1,client=XXX,local,user=root] 53 connection matches HBA rule: local all all password # built-in CockroachDB default 185 I: [n1,client=XXX,local,user=root] 54 authentication failed: password authentication failed for user root 186 I: [n1,client=XXX,local,user=root] 55 session terminated; duration: XXX 187 I: [n1,client=XXX,local] 56 disconnected; duration: XXX 188 189 190 subtest end 191 192 subtest conn_unix/trusted_user 193 194 connect_unix user=trusted 195 ---- 196 ERROR: authentication rejected by configuration 197 198 authlog 5 199 .*disconnected 200 ---- 201 I: [n1,client=XXX] 57 received connection 202 I: [n1,client=XXX,local,user=trusted] 58 connection matches HBA rule: local all trusted reject # custom 203 I: [n1,client=XXX,local,user=trusted] 59 authentication failed: authentication rejected by configuration 204 I: [n1,client=XXX,local,user=trusted] 60 session terminated; duration: XXX 205 I: [n1,client=XXX,local] 61 disconnected; duration: XXX 206 207 subtest end 208 209 subtest conn_unix/regular_user 210 211 connect_unix user=userpw password=pass 212 ---- 213 ok defaultdb 214 215 authlog 5 216 .*disconnected 217 ---- 218 I: [n1,client=XXX] 62 received connection 219 I: [n1,client=XXX,local,user=userpw] 63 connection matches HBA rule: local all all password # built-in CockroachDB default 220 I: [n1,client=XXX,local,user=userpw] 64 authentication succeeded 221 I: [n1,client=XXX,local,user=userpw] 65 session terminated; duration: XXX 222 I: [n1,client=XXX,local] 66 disconnected; duration: XXX 223 224 connect_unix user=userpw password=badpass 225 ---- 226 ERROR: password authentication failed for user userpw 227 228 authlog 5 229 .*disconnected 230 ---- 231 I: [n1,client=XXX] 67 received connection 232 I: [n1,client=XXX,local,user=userpw] 68 connection matches HBA rule: local all all password # built-in CockroachDB default 233 I: [n1,client=XXX,local,user=userpw] 69 authentication failed: password authentication failed for user userpw 234 I: [n1,client=XXX,local,user=userpw] 70 session terminated; duration: XXX 235 I: [n1,client=XXX,local] 71 disconnected; duration: XXX 236 237 subtest end 238 239 subtest conn_unix/nologin_expired_password 240 241 connect_unix user=usernologin password=123 242 ---- 243 ERROR: usernologin does not have login privilege 244 245 authlog 4 246 .*disconnected 247 ---- 248 I: [n1,client=XXX] 72 received connection 249 I: [n1,client=XXX,local,user=usernologin] 73 "usernologin" does not have login privilege 250 I: [n1,client=XXX,local,user=usernologin] 74 session terminated; duration: XXX 251 I: [n1,client=XXX,local] 75 disconnected; duration: XXX 252 253 connect_unix user=userexpired password=123 254 ---- 255 ERROR: password is expired 256 257 authlog 6 258 .*disconnected 259 ---- 260 I: [n1,client=XXX] 76 received connection 261 I: [n1,client=XXX,local,user=userexpired] 77 connection matches HBA rule: local all all password # built-in CockroachDB default 262 I: [n1,client=XXX,local,user=userexpired] 78 password is expired 263 I: [n1,client=XXX,local,user=userexpired] 79 authentication pre-hook failed: password is expired 264 I: [n1,client=XXX,local,user=userexpired] 80 session terminated; duration: XXX 265 I: [n1,client=XXX,local] 81 disconnected; duration: XXX 266 267 subtest end 268 269 subtest end