Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provide ability to know which auth. method was applied for establishing connect [CORE4222] #4546

Closed
firebird-automations opened this issue Sep 18, 2013 · 15 comments

Comments

@firebird-automations
Copy link
Collaborator

Submitted by: @pavel-zotov

Block progress on DNET652

Currently we have few plugins for client authentification defined in firebird.conf:
#⁠AuthClient = Srp, Win_Sspi, Legacy_Auth

When client-3.x is connecting to server-3.x the plugin that is selected can be known only if we take this config parameter and analyze it "from left to right".
For the purpoces of testing and debugging it will be useful if such info will appear in MON$-tables.

Commits: 5c91efe 3821ec9 FirebirdSQL/fbt-repository@831ae53 FirebirdSQL/fbt-repository@4799061

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Open [ 1 ]

Target: 3.0 Beta 1 [ 10332 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @dyemanov

assignee: Alexander Peshkov [ alexpeshkoff ] => Dmitry Yemanov [ dimitr ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @dyemanov

Component: Engine [ 10000 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @dyemanov

status: Open [ 1 ] => Open [ 1 ]

Target: 3.0 Beta 1 [ 10332 ] =>

@firebird-automations
Copy link
Collaborator Author

Modified by: @dyemanov

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 3.0 Alpha 2 [ 10560 ]

@firebird-automations
Copy link
Collaborator Author

Commented by: @sim1984

Please add the description of a new column in README.monitoring_tables

@firebird-automations
Copy link
Collaborator Author

Commented by: @dyemanov

Done.

@firebird-automations
Copy link
Collaborator Author

Commented by: @pavel-zotov

Reopened temply: usage of auth plugin `Win_Sspi` is NOT reflected in MON$ATTACHMENTS table.

Steps to reproduce:
1) change firebird.conf to default, connect as 'sysdba/masterkey';
2) issue: CREATE GLOBAL MAPPING TRUSTED_AUTH USING PLUGIN WIN_SSPI FROM ANY USER TO USER; EXIT;
3) change firebird.conf to:
AuthServer = Win_Sspi,Legacy_Auth,Srp
AuthClient = Win_Sspi,Legacy_Auth,Srp
4) restart FB and try to:

SQL> set list on;
SQL> select mon$user,mon$remote_host,mon$remote_os_user,mon$client_version,mon$auth_method
CON> from mon$attachments where mon$attachment_id = current_connection;

Output will be:

MON$USER CSPROG\ZOTOV
MON$REMOTE_HOST csprog
MON$REMOTE_OS_USER zotov
MON$CLIENT_VERSION WI-V3.0.0.31929 Firebird 3.0 Release Candidate 1
MON$AUTH_METHOD <null> ---------------------------------------------------------------------- expected: 'Win_Sspi' or like this.

PS. Letter to Alex: 09-JUL-2015 14:53.

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Reopened [ 4 ]

resolution: Fixed [ 1 ] =>

@firebird-automations
Copy link
Collaborator Author

Modified by: @dyemanov

Fix Version: 3.0.0 [ 10048 ]

Fix Version: 3.0 Alpha 2 [ 10560 ] =>

@firebird-automations
Copy link
Collaborator Author

Commented by: @dyemanov

Pavel, please re-check your latest comment. I've just tested and see MON$AUTH_METHOD = "Mapped from Win_Sspi".

@firebird-automations
Copy link
Collaborator Author

Commented by: @pavel-zotov

> please re-check your latest comment. I've just tested and see MON$AUTH_METHOD = "Mapped from Win_Sspi".

On build 32311 I've replaced firebird.conf with default one and changed following parameters:

C:\MIX\firebird\fb30>findstr /r /c:"^[^#⁠;]" firebird.conf
AuthServer = Win_Sspi,Legacy_Auth,Srp
AuthClient = Win_Sspi,Legacy_Auth,Srp
WireCrypt = Disabled
RemoteServicePort = 3333

Then I removed environment variables ISC_USER, ISC_PASSWORD, restrt FB and did:

C:\MIX\firebird\fb30>isql /3333:employee
Database: /3333:employee, User: CSPROG\ZOTOV
SQL> set list on;
SQL> select mon$user,mon$remote_host,mon$remote_os_user,mon$client_version,mon$auth_method
CON> from mon$attachments where mon$attachment_id = current_connection;

Result is:

MON$USER CSPROG\ZOTOV
MON$REMOTE_HOST csprog
MON$REMOTE_OS_USER zotov
MON$CLIENT_VERSION WI-V3.0.0.32311 Firebird 3.0 Release Candidate 2
MON$AUTH_METHOD Mapped from Win_Sspi

@firebird-automations
Copy link
Collaborator Author

Modified by: @dyemanov

status: Reopened [ 4 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @cincuranet

Link: This issue block progress on DNET652 [ DNET652 ]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants