HI
Em 7/7/2016 05:49, tomi.j...@oscar.fi [firebird-support] escreveu:
Hi,
I don’t know if i have understand “Enable authorization for legacy
Firebird clients” right but..
I just installed Firebird 3 to new development server and checked
“Enable authorization for legacy Firebird clients” so I can test
connection from old 2.5 clients. In this installation window I create
random password like “pass1234”. When I connected to database from
same server connection is okay with “pass1234”. But when I tried to
connect from old development server where firebird 2.5 is installed
with “pass1234” I get error “Your user name and password…”. My
surprise was when I tried connect database from old server with
pasword “masterkey” that connection is succesfully.
I have not created user SYSDBA with “masterke” password and still I
get connected in database. So my question is that should this be like
this?
Best regards,
-Tomi
I don't know how are your configurations, but to enabled Legacy Auth you
must change:
AuthServer = Srp, Legacy_Auth
UserManager = Srp, Legacy_UserManager
WireCrypt = Enabled
after that, the server is enabled to authenticate using the old protocol.
I think you are in this point, but are unable to authenticate from other
users because the other users was create by the default plugin (SRP),
you must create those users using the Legacy_UserManager plug in.The
SYSDBA was automatically created by the installer using the
Legacy_UserManager plugin this is the reason you could connect using SYSDBA.
connect to your database and execute the following:
select sec$user_name, sec$plugin from sec$users;
You should see something like:
SEC$USER_NAME SEC$PLUGIN
=== ===
User1 Srp
User2 Srp
This indicates that the users are created but with the new SRP plugin,
to authenticate legacy users you need to create them using the legacy
user manager plugin.
execute this:
create user User1 password 'pas1234' using plugin Legacy_AuthManager;
commit;
after that execute this:
select sec$user_name, sec$plugin from sec$users;
You shoud see:
SEC$USER_NAME SEC$PLUGIN
=== ===
User1 Srp
User2 Srp
User1 Legacy_UserManager
Note that you have two entries for User1, one for the SRP plugin and the
other for the Legacy Authentication.
HTH
see you !