On 21-01-2021 13:55, Hugo Eyng | Datamais via Firebird-devel wrote:
I would like to try a migration from FB 2.5 to FB 4.
The last time I tried I faced troubles to connect to the database.
Apparently the troubles were related to the authentication method.
When asking questions, it is very helpful to provide details about the
problems you encountered, as it allows us to provide more detailed or
more specific answers.
Where can I found good information about how to connect my
application, that currently uses FB 2.5, in the FB 4?
I will install FB 4 in a CentOS 7.9 server.
There are essentially two routes:
1. Make sure your application uses a Firebird 3.0.4 or higher fbclient
(or a connection library that supports the Srp256 authentication, e.g.
if you're using Jaybird or something else that doesn't use fbclient).
Create your users with the Srp user manager (CREATE USER ... USING
PLUGIN Srp).
1b. If your connection library supports Srp, but not Srp256, configure
Firebird to enable the Srp authentication plugin by adding Srp to the
*end* of the AuthServer config option.
2. Configure Firebird to support the Legacy_Auth plugin (add Legacy_Auth
to the *end* of the AuthServer config option), enable the
Legacy_UserManager (add it to the *end* of the UserManager config
option), relax the wire encryption from default required to enabled
(change config option WireCrypt to Enabled)
Create your users with the Legacy_UserManager (CREATE USER ... USING
PLUGIN Legacy_UserManager).
Some of this is also documented in
https://www.firebirdsql.org/file/documentation/release_notes/html/en/3_0/rlsnotes30.html#rnfb30-compat-legacyauth,
but this suggests putting Legacy_Auth first and disables the Srp user
manager, which leads to an insecure configuration for attachments
created by clients that do support Srp256.
Option 1 (using Srp256 or Srp) is more secure and should be preferred.
Option 2 should only be followed if your application for some reason is
stuck on a connection library that does not support Srp256 or Srp.
Mark
--
Mark Rotteveel
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel