Firebird 3 sysdba password stunning issue

Question

I migrated from firebird 2.5.x to 3.0 i have changed firebird.conf :

WireCrypt = Enabled
AuthServer = Legacy_Auth, Srp, Win_Sspi

after that here you are what happened:

I can connect from Netbeans IDE using SYSDBA masterkey. I can connect from FlameRobin (database admin. tool) using SYSDBA with other password. I can not connect from Wild-Fly server using SYSDBA with that other password.

I am really wondering.!!

Answer 1

I assume you are using Jaybird 2.2.x (or earlier) when connecting from Netbeans and Wildfly. With Firebird 3 a new authentication model was introduced called SRP (Secure Remote Password). Jaybird 2.2.x doesn't support this new authentication model (support will be added in Jaybird 3.0), so you need to use the Legacy_Auth plugin.

Users have a separate identity per plugin, this means that you (can) have two users with the name SYSDBA, one for SRP and one for Legacy_Auth. These users have their own passwords.

So when you connect from Netbeans and Wildfly, you need to specify the password of the legacy authentication user. This password appears to be masterkey, or actually: masterke as legacy passwords are only 8 characters.

When you connect from flamerobin, you can use the 'other' password (of the SRP sysdba user) as flamerobin uses the Firebird 3 fbclient.dll/libfbclient.so and therefor supports the new SRP authentication model.

As far as I know flamerobin should also be able to authenticate with the password of the legacy sysdba user (when login fails, it should try the next plugin). I will test that tomorrow.