Обсуждение: BUG #16736: SCRAM authentication is not supported by this driver
The following bug has been logged on the website:
Bug reference: 16736
Logged by: Walter Weinmann
Email address: walter@konnexions.ch
PostgreSQL version: 13.1
Operating system: Windows 10
Description:
Version 13 was fine, but now with version 13.1 (via Docker image
postgres:13.1-alpine) and postgresql-42.2.18.jar I get:
Nov. 21, 2020 6:26:36 AM org.postgresql.core.v3.ConnectionFactoryImpl log
WARNING: SQLException occurred while connecting to localhost:5432
org.postgresql.util.PSQLException: SCRAM authentication is not supported by
this driver. You need JDK >= 8 and pgjdbc >= 42.2.0 (not ".jre" versions)
at
org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:625)
at
org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:205)
at
org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
at org.postgresql.Driver.makeConnection(Driver.java:452)
at org.postgresql.Driver.connect(Driver.java:254)
at
java.sql/java.sql.DriverManager.getConnection(DriverManager.java:677)
at
java.sql/java.sql.DriverManager.getConnection(DriverManager.java:251)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.connect(AbstractJdbcSeeder.java:265)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.connect(AbstractJdbcSeeder.java:168)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.setupPostgresql(AbstractJdbcSeeder.java:1633)
at
ch.konnexions.db_seeder.jdbc.postgresql.PostgresqlSeeder.setupDatabase(PostgresqlSeeder.java:125)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.createData(AbstractJdbcSeeder.java:347)
at
ch.konnexions.db_seeder.DatabaseSeeder.main(DatabaseSeeder.java:194)
Nov. 21, 2020 6:26:36 AM org.postgresql.Driver connect
SEVERE: Connection error:
org.postgresql.util.PSQLException: SCRAM authentication is not supported by
this driver. You need JDK >= 8 and pgjdbc >= 42.2.0 (not ".jre" versions)
at
org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:625)
at
org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:205)
at
org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
at org.postgresql.Driver.makeConnection(Driver.java:452)
at org.postgresql.Driver.connect(Driver.java:254)
at
java.sql/java.sql.DriverManager.getConnection(DriverManager.java:677)
at
java.sql/java.sql.DriverManager.getConnection(DriverManager.java:251)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.connect(AbstractJdbcSeeder.java:265)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.connect(AbstractJdbcSeeder.java:168)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.setupPostgresql(AbstractJdbcSeeder.java:1633)
at
ch.konnexions.db_seeder.jdbc.postgresql.PostgresqlSeeder.setupDatabase(PostgresqlSeeder.java:125)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.createData(AbstractJdbcSeeder.java:347)
at
ch.konnexions.db_seeder.DatabaseSeeder.main(DatabaseSeeder.java:194)
org.postgresql.util.PSQLException: SCRAM authentication is not supported by
this driver. You need JDK >= 8 and pgjdbc >= 42.2.0 (not ".jre" versions)
at
org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:625)
at
org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:205)
at
org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
at org.postgresql.Driver.makeConnection(Driver.java:452)
at org.postgresql.Driver.connect(Driver.java:254)
at
java.sql/java.sql.DriverManager.getConnection(DriverManager.java:677)
at
java.sql/java.sql.DriverManager.getConnection(DriverManager.java:251)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.connect(AbstractJdbcSeeder.java:265)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.connect(AbstractJdbcSeeder.java:168)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.setupPostgresql(AbstractJdbcSeeder.java:1633)
at
ch.konnexions.db_seeder.jdbc.postgresql.PostgresqlSeeder.setupDatabase(PostgresqlSeeder.java:125)
at
ch.konnexions.db_seeder.jdbc.AbstractJdbcSeeder.createData(AbstractJdbcSeeder.java:347)
at
ch.konnexions.db_seeder.DatabaseSeeder.main(DatabaseSeeder.java:194)
Processing of the script was aborted, error code=1
PS D:\SoftDevelopment\Projects\db_seeder> cmd
Microsoft Windows [Version 10.0.19042.630]
(c) 2020 Microsoft Corporation. All rights reserved.
D:\SoftDevelopment\Projects\db_seeder>java -version
openjdk version "15" 2020-09-15
OpenJDK Runtime Environment (build 15+36-1562)
OpenJDK 64-Bit Server VM (build 15+36-1562, mixed mode, sharing)
D:\SoftDevelopment\Projects\db_seeder>docker ps -a
CONTAINER ID IMAGE COMMAND
CREATED STATUS PORTS
NAMES
5b9bfbbcdb40 postgres:13.1-alpine "docker-entrypoint.s…" 38
minutes ago Up 38 minutes 0.0.0.0:5432->5432/tcp
db_seeder_db
426d56c750e8 prestosql/presto:346 "/usr/lib/presto/bin…" 9
hours ago Exited (255) 2 hours ago 0.0.0.0:8080->8080/tcp
db_seeder_presto
3259f5bb6c0e portainer/portainer-ce "/portainer" 5
weeks ago Exited (255) 2 hours ago 0.0.0.0:8000->8000/tcp,
0.0.0.0:9000->9000/tcp portainer
PG Bug reporting form <noreply@postgresql.org> writes:
> Version 13 was fine, but now with version 13.1 (via Docker image
> postgres:13.1-alpine) and postgresql-42.2.18.jar I get:
> Nov. 21, 2020 6:26:36 AM org.postgresql.core.v3.ConnectionFactoryImpl log
> WARNING: SQLException occurred while connecting to localhost:5432
> org.postgresql.util.PSQLException: SCRAM authentication is not supported by
> this driver. You need JDK >= 8 and pgjdbc >= 42.2.0 (not ".jre" versions)
I doubt this has anything to do with an update to 13.1 per se.
What more likely happened is that you changed your account password
and it's now stored under SCRAM hashing, which your client-side
code is evidently too old to support. If you don't want to update
your client-side code right now, do "set password_encryption = md5"
and then set the password again. If you're running as superuser
you can look into pg_authid.rolpassword to verify that the hashed
password starts with "md5" not "SCRAM".
(BTW, md5 is still the default value for password_encryption in v13,
so it seems like you must have overridden that.)
regards, tom lane
I use the official PostgreSQL image of DockerHub (docker pull postgres:13.1) Is it possible that in 13.1 the default password encryption has been changed to scram-sha-256? That would explain my problem, because in the image the parameter password_encryption in postgresql.conf is commented out.
On Sat, 21 Nov 2020 at 18:45, Tom Lane <tgl@sss.pgh.pa.us> wrote:
PG Bug reporting form <noreply@postgresql.org> writes:
> Version 13 was fine, but now with version 13.1 (via Docker image
> postgres:13.1-alpine) and postgresql-42.2.18.jar I get:
> Nov. 21, 2020 6:26:36 AM org.postgresql.core.v3.ConnectionFactoryImpl log
> WARNING: SQLException occurred while connecting to localhost:5432
> org.postgresql.util.PSQLException: SCRAM authentication is not supported by
> this driver. You need JDK >= 8 and pgjdbc >= 42.2.0 (not ".jre" versions)
I doubt this has anything to do with an update to 13.1 per se.
What more likely happened is that you changed your account password
and it's now stored under SCRAM hashing, which your client-side
code is evidently too old to support. If you don't want to update
your client-side code right now, do "set password_encryption = md5"
and then set the password again. If you're running as superuser
you can look into pg_authid.rolpassword to verify that the hashed
password starts with "md5" not "SCRAM".
(BTW, md5 is still the default value for password_encryption in v13,
so it seems like you must have overridden that.)
regards, tom lane
___________________________________________________________________________
Walter Weinmann
___________________________________________________________________________
Grabenstrasse 13
CH-6004 Luzern
CH-6004 Luzern
Mobile: +41 (0)76 477 27 87
Phone: +41 (0)61 841 06 10
___________________________________________________________________________
Walter Weinmann <walter.weinmann@gmail.com> writes:
> I use the official PostgreSQL image of DockerHub (docker pull
> postgres:13.1) Is it possible that in 13.1 the default password encryption
> has been changed to scram-sha-256? That would explain my problem, because
> in the image the parameter *password_encryption* in *postgresql.conf* is
> commented out.
Seems unlikely, but the pg_settings row for password_encryption would
tell you more about what the active setting is and where it came from.
regards, tom lane
Walter Weinmann wrote: > I use the official PostgreSQL image of DockerHub (docker pull > postgres:13.1) Is it possible that in 13.1 the default password encryption > has been changed to scram-sha-256? That would explain my problem, because > in the image the parameter *password_encryption* in *postgresql.conf* is > commented out. Another possibility is that your deployment process includes a pg_hba.conf with scram-sha-256 as the auth method. In that case, if the client cannot do scram-sha-256 it will be rejected, no matter what is in password_encryption and the format of the actual password in pg_authid. See the output of select * from pg_hba_file_rules; Best regards, -- Daniel Vérité PostgreSQL-powered mailer: https://www.manitou-mail.org Twitter: @DanielVerite