On 05/20/2016 02:55 PM, Adriano dos Santos Fernandes wrote:
> On 20/05/2016 08:04, Alex Peshkoff wrote:
>>> - It needs to verify (itself or in Firebird) user names and passwords
>> What about use of security context of connection from which Java was
>> called when no login/password provided?
> What "security context"?
It's in class UserId (scl.h)
Auth::AuthenticationBlock usr_auth_block; // Authentication block
after mapping
It's passed by default to user-level embedded connections (like EXEC
STATEMENT w/o login/password) and contains info making it possible to
check does current user have enough 'power' to attach to that database
and if yes what will be CURRENT_USER value. Also it's produced by
authentication plugins both in remote server and in extds code.
>
>>> So if engine does not verify it, we should create a service specific for
>>> that: verify user names and passwords. Looks bad solution than initial
>>> one presented in this thread.
>> Engine _can_ verify login/password but this is not default for it.
>> Can FB/Java add to DPB, passed by user in attachDatabase, specific tag
>> (i.e. isc_dpb_validation_needed)? That will be enough.
>>
>>
> Do you talk about possible changes?
>
> I do not see isc_dpb_validation_needed in the code.
>
Yes.
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
