Subject | RE: [firebird-support] Tie X.509 certificate to username |
---|---|
Author | Koen Vermeer |
Post date | 2007-07-09T15:10:36Z |
On Tue, 2007-07-10 at 00:35 +1000, Alan McDonald wrote:
based on the contents of the X509 certificate. That sounded like the
best solution, which is why I was wondering if something similar was
available with Firebird. Alas, it isn't, so I guess I'll have to work my
way around it.
Anyway, I appreciate the help!
Koen
> but the certificate is used at the protocol level. access to FB isI know of one other DB that allows you to grant privileges to users
> still via
> username and password, there's no way around that.
> The certificates you hand out are only good for protecting the
> transport.
> In short .. No FB does not know anything about how to handle
> certificates.
> You need a proxy to do all that for you and the users still need to
> supply a
> username (something they have) AND a password (something they know)
based on the contents of the X509 certificate. That sounded like the
best solution, which is why I was wondering if something similar was
available with Firebird. Alas, it isn't, so I guess I'll have to work my
way around it.
Anyway, I appreciate the help!
Koen