On 04/24/2016 11:32 AM, Mark Rotteveel wrote: > It looks like Firebird 3 rejects the login attempt if the user exists > for a plugin, but the provided password is wrong. I thought that this > would continue authentication with the next plugin, but it doesn't. > > Is that intentional?
Yes. > This leaks information about the existence of a user (it exists in > plugin x). > > Mark ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
