Subject Re: [firebird-support] Why does the embedded client require security2.fdb on mac?
Author Helen Borrie
At 08:26 a.m. 18/04/2014, Lee Graber wrote:

>I took a look at the code and jrd/pwd.cpp has pretty much all the security contents commented out if EMBEDDED compiler definition is set. This seems to be inline with the docs which indicate that using embedded server doesn�t require username / pwd as all users have access if you have the fdb. This flag, -DEMBEDDED, is set on Windows but it is not on posix builds. I took a look and there is some other code in server.cpp which will break if you set that compiler flag, but

In the existing releases of Firebird the "embedded" model on Windows is different from on POSIX.

-- on Windows, the client connects to the database via XNET and the client and Superserver components work in the same application space

-- on POSIX, the client makes a direct connection to the database via the Classic server, i.e., no network connection. So, on POSIX, authenticatiion for embedded is no different from when the client connects through the network.

>does that mean that embedded clients actually need the security database or just that it was never cleaned up on posix builds to be able to compile.

No, it just means that the code changes for the unified engine were already under way for Firebird 3 and it wasn't worthwhile rewriting the embedded models when it was all going to change anyway.

FWIW, Classic on POSIX always had "embedded". An embedded mode for Windows didn't appear until the Firebird era was well under way. There are other differences between Windows and POSIX in the area of authentication. For example, it is (and always was) possible for POSIX system users to be mapped to Firebird users. An equivalent ability didn't appear for Windows until relatively recently (Fb 2.1 if memory serves me correctly).

Helen Borrie, Support Consultant, IBPhoenix (Pacific)
Author of "The Firebird Book" and "The Firebird Book Second Edition"