On 11/05/2015 07:20 PM, Mark Rotteveel wrote: > On Thu, 5 Nov 2015 16:07:05 +0300, Alex Peshkoff <peshk...@mail.ru> wrote: >> That's how authentication and providers work, but for management such >> mode is not good. >> Imagine that one can issue identical but with different password command >> CREATE USER twice, adding users with different passwords in different >> plugins. I do not think it's good idea. > ... > >> Yes, this should work. >> Except one detail - I've tried to keep legacy auth as 'old-style' as >> possible, and SYSDBA for it is pre-created in security database. With >> old password 'masterke'. I.e. you will not be able to create user sysdba >> second time. But with SQL you may use CREATE OR ALTER which will work >> like for any other DDL. > I have both a Srp and legacy_auth sysdba, so it is possible to create two > users with the same name. Could you clarify what you mean? Or is sysdba an > exception to this?
You have removed the sample, but exactly looking at it is important for an answer. create user SYSDBA password 'SomethingCryptic' using plugin legacy_auth; In legacy table of users (plg$users) there is already user sysdba, and therefore this command will fail. Approximately this way: # ./isql employee Database: employee, User: SYSDBA SQL> create user SYSDBA password 'SomethingCryptic' using plugin Legacy_UserManager; Statement failed, SQLSTATE = 23000 add record error -violation of PRIMARY or UNIQUE KEY constraint "INTEG_2" on table "PLG$USERS" -Problematic key value is ("PLG$USER_NAME" = 'SYSDBA') SQL> For any other user - please, it works. Or something like this may be done: SQL> create or alter user SYSDBA password 'SomethingCryptic' using plugin Legacy_UserManager; SQL> ------------------------------------------------------------------------------ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel