[Firebird-devel] [FB-Tracker] Created: (CORE-4885) Trusted auth. does not workwhen OS user name contains non-ascii characters (rather than Srp auth which does work fine in that case for SQL login)

[Pavel Zotov (JIRA)]

Trusted auth. does not workwhen OS user name contains non-ascii characters 
(rather than Srp auth which does work fine in that case for SQL login)
-------------------------------------------------------------------------------------------------------------------------------------------------

                 Key: CORE-4885
                 URL: http://tracker.firebirdsql.org/browse/CORE-4885
             Project: Firebird Core
          Issue Type: Bug
          Components: Charsets/Collation, Security
    Affects Versions: 3.0 RC 1
            Reporter: Pavel Zotov
         Attachments: srp-auth-with-non-ascii-chars-in-SQL-user-name.png, 
trusted-auth-with-non-ascii-chars-in-os-user-name.png

On snapshot with non-initialized security3.fdb and default firebird.conf do:

C:\...> gsec -display -database .\security3.fdb
Install incomplete, please read the Compatibility chapter in the release notes 
for this version

C:\...> echo create user SYSDBA password 'masterkey'; show users;  |  isql 
-user sysdba .\security3.fdb
Users in the database
  2 #SYSDBA

Than:

C:\...> isql localhost/3050:employee -q
SQL> CREATE GLOBAL MAPPING TRUSTED_AUTH USING PLUGIN WIN_SSPI FROM ANY USER TO 
USER;
SQL> exit;

Than firebird.conf was changed: AuthServer and AuthClient were replaced with 
`Win_Sspi` at the start of their values:
===
RemoteServicePort = 3330
Servermode = SuperClassic

AuthServer = Win_Sspi,Srp,Legacy_Auth
AuthClient = Win_Sspi,Srp,Legacy_Auth
WireCrypt = Disabled
UserManager = Srp

TempDirectories = c:\temp
MaxUserTraceLogSize = 99999
FileSystemCacheThreshold = 65536K
LockHashSlots = 22111
TempCacheLimit = 2147483647
===

-- and FB service was restarted.

After that OS user with cyrillic characters has been created on that host, his 
name is: "ВасисуалийПупка", after that Windows session was restarted with this 
user name.

Trying to connect to database 'employee' using OS authentification fails in 
this case - see attached file 
"trusted-auth-with-non-ascii-chars-in-os-user-name.png".
If undo changes in firebird.conf and try to create SQL login with non-ascii 
characters and connect using it - all OK, see file 
"srp-auth-with-non-ascii-chars-in-SQL-user-name.png" (but there is one question 
about MON$REMOTE_OS_USER - see this screenshot).

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://tracker.firebirdsql.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

------------------------------------------------------------------------------
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel