| Subject | Re: [Firebird-Architect] Trusted authentication |
|---|---|
| Author | Alex Peshkov |
| Post date | 2006-02-10T15:14:10Z |
Alexandre Benson Smith wrote:
MS is smart enough to let people connect to the server, using native
login/password, if configured. With your suggestion any user with valid
credentials can not login with another ones, but user without valid
domain credentials - can. Or do you suggest to disable authentication
via security database at all? This is very simple solution, but it's
mich desired to have reasonable MIXED mode.
> If one have a config option (I think on the server side will be ok),But if one needs to connect to the server with another credentials? Even
> that if it is defined as USE_TRUSTED_AUTHENTICATION = TRUE the server
> sends a request to the client, the client responds the challenge. All
> other info should be ignored, doesn't mind if user provided
> username/password, if it is setted on env vars, etc. if the server is
> configured to use trusted authentication this is the way it will
> authenticate the client. This way (as I see) no client program should be
> changed, only the FB client library should be modified to respond to a
> challenge sent by the server (if the server wish it).
>
MS is smart enough to let people connect to the server, using native
login/password, if configured. With your suggestion any user with valid
credentials can not login with another ones, but user without valid
domain credentials - can. Or do you suggest to disable authentication
via security database at all? This is very simple solution, but it's
mich desired to have reasonable MIXED mode.