SunnySaman opened a new issue, #15016: URL: https://github.com/apache/iotdb/issues/15016
### Search before asking - [x] I searched in the [issues](https://github.com/apache/iotdb/issues) and found nothing similar. ### Version ``` I>pip list | findstr iot apache-iotdb 0.13.3 >pip list | findstr sess C:\Users\luoshengjie.BJUCI>python --version Python 3.10.1 ``` ### Describe the bug and provide the minimal reproduce step ### 描述: **Issue Summary:** In the IoTDB Python client library version 0.13.3, there appears to be an issue with password authentication when the parameter `enable_rpc_compression` in the `Session.open()` method is set to `False`. Specifically, regardless of the password provided, a successful connection can be established, which should not be the case if the password is incorrect. **Steps to Reproduce:** 1. Install IoTDB Python client library version 0.13.3. 2. Attempt to establish a session using the following code snippet: ```python from iotdb.Session import Session ip_address = "your_iotdb_ip" port = 6667 # Default IoTDB port user = "your_username" password = "incorrect_password" # Intentionally incorrect password session = Session(ip_address, port, user, password) session.open(False) # Setting enable_rpc_compression to False ``` 3. Observe that despite providing an incorrect password, the session establishes successfully without any authentication failure. 4. Repeat the above steps but set `enable_rpc_compression` to `True`: ```python session.open(True) ``` 5. Notice that with `enable_rpc_compression` set to `True`, the session correctly throws an authentication failure when an incorrect password is used. ### What did you expect to see? ### Expected Behavior: Regardless of the value of enable_rpc_compression, the session should fail to establish if an incorrect password is provided, and an appropriate error message indicating authentication failure should be returned. ### What did you see instead? ### Actual Behavior: When enable_rpc_compression is set to False, the session establishes successfully even with an incorrect password, bypassing authentication. ### Anything else? ### Suggested Fix: Investigate and correct the authentication mechanism within the Session.open() method to ensure that passwords are always verified correctly, regardless of the enable_rpc_compression setting. Thank you for your attention to this matter. I look forward to seeing this issue addressed in future releases. ### Are you willing to submit a PR? - [ ] I'm willing to submit a PR! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
