| Subject | Re: [Firebird-Java] Inconsistent behavior with SRP on version 3 |
|---|---|
| Author | Mark Rotteveel |
| Post date | 2018-03-09T19:41:22Z |
On 2018-03-09 19:42, Paul McCormack stonebuffalo@...
[Firebird-Java] wrote:
problem was. However, in Jaybird 3, GDSException is not thrown any more,
so if you received an actual GDSException, that could be an indication
you're still using Jaybird 2.2 (although there are exceptions that could
have the abbreviation GDS in their message).
applied when not explicitly configured (so AuthServer = Srp and
AuthClient = Srp, Win_Sspi, Legacy_Auth are the defaults). So having
that config or commented or not has no discernible effect, as that is
the same value Firebird applies when the setting is absent (or commented
out).
Likely you didn't restart after changing the WireCrypt setting, and when
you restarted after your first change to AuthServer/AuthClient, it
started working.
Jaybird 3 supports both the Srp and Legacy_Auth authentication plugins
(although - of course - Srp is more secure), but the user needs to exist
for the specific authentication plugin.
Mark
[Firebird-Java] wrote:
> Hey, had fun installing Firebird 3.0.3 and jaybird 3..0.3. into myWithout the full exception stacktrace, it is impossible to tell what the
> tomcat development playground...
>
> Once I had RTFM’d and got the example db to work correctly with
> ISQL, I turned my attention to Jaybird. As I was using version 3 I
> modified firebird.conf to enable WireCrypt
>
> WireCrypt = Enabled
>
> My JSP test still gave an exception
> “org.firebird.sql.GDS.GDSException:” If I remember
> correctly.(Sorry, I didn’t record it)
problem was. However, in Jaybird 3, GDSException is not thrown any more,
so if you received an actual GDSException, that could be an indication
you're still using Jaybird 2.2 (although there are exceptions that could
have the abbreviation GDS in their message).
> I then changed firebird.conf as follows:The commented out configuration in firebird.conf documents the defaults
>
> AuthServer = Srp, Legacy_Auth
>
> AuthClient = Srp, Win_Sspi, Legacy_Auth
>
> Restarted firebird and my jsp page worked.(Its a simple test and it
> worked under previous versions)
>
> But I read that Jaybird 3.0.3 should support Srp so I edited
> firebird.conf
>
> AuthServer = Srp
>
> #AuthClient = Srp, Win_Sspi, Legacy_Auth
>
> Restarted the server... It worked.
>
> Ok – last edit
>
> #AuthServer = Srp
>
> #AuthClient = Srp, Win_Sspi, Legacy_Auth
>
> Restarted server and its still working...... at this point I’m
> lost... thought I should make someone aware.
applied when not explicitly configured (so AuthServer = Srp and
AuthClient = Srp, Win_Sspi, Legacy_Auth are the defaults). So having
that config or commented or not has no discernible effect, as that is
the same value Firebird applies when the setting is absent (or commented
out).
Likely you didn't restart after changing the WireCrypt setting, and when
you restarted after your first change to AuthServer/AuthClient, it
started working.
Jaybird 3 supports both the Srp and Legacy_Auth authentication plugins
(although - of course - Srp is more secure), but the user needs to exist
for the specific authentication plugin.
Mark