Alex Peshkov wrote:

> All cases you have described are something not very real. Certainly,
> user may forget everything - for example, forget to connect to the
> server at all:-). But getting serious - what to do, if all of
> ISC_USER/ISC_PASSWORD/isc_dpb_trusted_auth are present in DPB?
> Next, it will require modification of all and any client program to be
> able to use trusted connections. It's pretty easy to add such switches
> to isql, qli and gsec, but what to do with a lot of other programs?
> Certainly, this is very small change, but, for example, you will have to
> wait for next version of IbExpert (and any other third-party software)
> to be able to use trusted connections. Migration appears problematic
> sometimes.
>
>

Guys,

If one have a config option (I think on the server side will be ok),
that if it is defined as USE_TRUSTED_AUTHENTICATION = TRUE the server
sends a request to the client, the client responds the challenge. All
other info should be ignored, doesn't mind if user provided
username/password, if it is setted on env vars, etc. if the server is
configured to use trusted authentication this is the way it will
authenticate the client. This way (as I see) no client program should be
changed, only the FB client library should be modified to respond to a
challenge sent by the server (if the server wish it).

see you !

--
Alexandre Benson Smith
Development
THOR Software e Comercial Ltda
Santo Andre - Sao Paulo - Brazil
www.thorsoftware.com.br