Re: [firebird-support] Enable authorization for legacy Firebird clients

[Alexandre Benson Smith ibl...@thorsoftware.com.br [firebird-support]]

HI

Em 7/7/2016 05:49, tomi.j...@oscar.fi [firebird-support] escreveu:




Hi,

I don’t know if i have understand “Enable authorization for legacy 
Firebird clients” right but..


I just installed Firebird 3 to new development server and checked 
“Enable authorization for legacy Firebird clients” so I can test 
connection from old 2.5 clients. In this installation window I create 
random password like “pass1234”. When I connected to database from 
same server connection is okay with “pass1234”. But when I tried to 
connect from old development server where firebird 2.5 is installed 
with “pass1234” I get error “Your user name and password…”.  My 
surprise was when I tried connect database from old server with 
pasword “masterkey” that connection is succesfully.


I have not created user SYSDBA with “masterke” password and still I 
get connected in database.  So my question is that should this be like 
this?


Best regards,

-Tomi





I don't know how are your configurations, but to enabled Legacy Auth you 
must change:


AuthServer = Srp, Legacy_Auth

UserManager = Srp, Legacy_UserManager

WireCrypt = Enabled

after that, the server is enabled to authenticate using the old protocol.

I think you are in this point, but are unable to authenticate from other 
users because the other users was create by the default plugin (SRP), 
you must create those users using the Legacy_UserManager plug in.The 
SYSDBA was automatically created by the installer using the 
Legacy_UserManager plugin this is the reason you could connect using SYSDBA.


connect to your database and execute the following:
select sec$user_name, sec$plugin from sec$users;


You should see something like:
SEC$USER_NAME   SEC$PLUGIN
=== ===
User1   Srp
User2   Srp

This indicates that the users are created but with the new SRP plugin, 
to authenticate legacy users you need to create them using the legacy 
user manager plugin.


execute this:

create user User1 password 'pas1234' using plugin Legacy_AuthManager;
commit;


after that execute this:
select sec$user_name, sec$plugin from sec$users;

You shoud see:

SEC$USER_NAME   SEC$PLUGIN
=== ===
User1   Srp
User2   Srp
User1   Legacy_UserManager


Note that you have two entries for User1, one for the SRP plugin and the 
other for the Legacy Authentication.


HTH

see you !

[firebird-support] Enable authorization for legacy Firebird clients

[tomi.j...@oscar.fi [firebird-support]]

 
 Hi,
  
 I don’t know if i have understand “Enable authorization for legacy Firebird 
clients” right but.. 
  
 I just installed Firebird 3 to new development server and checked “Enable 
authorization for legacy Firebird clients” so I can test connection from old 
2.5 clients. In this installation window I create random password like 
“pass1234”. When I connected to database from same server connection is okay 
with “pass1234”. But when I tried to connect from old development server where 
firebird 2.5 is installed with “pass1234” I get error “Your user name and 
password…”.  My surprise was when I tried connect database from old server with 
pasword “masterkey” that connection is succesfully.
  
 I have not created user SYSDBA with “masterke” password and still I get 
connected in database.  So my question is that should this be like this? 
  
 Best regards,  
  
 -  Tomi