Subject Re: Security.fdb improvements
Author Adam
--- In, "Salvatore Besso"
<s.besso@...> wrote:
> hello all,
> maybe you remember this old thread where I asked if it was safe to add
> fields to security.fdb to enhance it. Ann (Harrison) said "yes, but
make a
> copy first, just to be safe".
> Ok, I have modified security.fdb adding some simple fields and it works
> well. When I connect to a database, authentication is fine as usual.
> after the connection to the main db, I try to connect to
security.fdb using
> a separate connection and an alias defined in aliases.conf to
retrieve the
> extra data, but it seems not possible to connect to security.fdb at
> stage using the alias, because I get:
> I/O error for file security.fdb
> file not found
> Instead, if I specify the exact local path
> C:\Programmi\Firebird\Firebird_1_5\security.fdb
> without using the alias, I can connect to security.fdb. The alias in
> aliases.conf is correct as visible above (I have an Italian
Windows). It
> seems that Firebird doesn't like an alias to connect to the security
> database itself.
> If the connection with the alias is not possible it's a trouble
since this
> mechanism with the new fields cannot work.
> To be as precise as possible, I'm using IB Objects 4.6A for the
> Any clue?
> Regards
> Salvatore

Hello Salvatore,

I am not sure about the exact nature of the problem you are
encountering, but I it doesn't 'feel' like a good idea to me.

Apart from the security database being modified in future versions
which may cause you to have to rewrite your logic with every release,
FB2 will reject direct connections to the database:

From FB2(RC2) Release notes:

Non-server access to security database is rejected
A. Peshkov

GSEC now uses the Services API. The server will refuse any access to
security2.fdb except through the Services Manager.

Although strictly speaking FB2 is off topic in this list, I think it
is important that you are aware of the changes it will introduce. I
would be planning an alternative way to achieve what you are trying to
achieve by storing the information in the security database. You have
access to the CURRENT_USER and CURRENT_ROLE environment variables.