After taking another look at this, I wonder if it'd be better to fail as soon as we see the database or user name is too long instead of lugging them around when authentication is destined to fail.
-- Nathan Bossart Amazon Web Services: https://aws.amazon.com
