Bruce Momjian <br...@momjian.us> writes: > I have developed the attached patch to fix this problem. Do I need to > say "invalid user or invalid or expired password"?
I'm not convinced that this improves anything. The problem might not in fact be either of the things you mention, in which case the new message is outright misleading. Also, what of the policy stated in the header comment for the function you're hacking, ie we intentionally don't reveal the precise cause of the failure to the client? regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers