Re: [Firebird-devel] FB/Java embedded connections - proposed solution for Firebird and Jaybird

[Alex P. <pes...@ma...>]

On 05/20/2016 02:55 PM, Adriano dos Santos Fernandes wrote:
> On 20/05/2016 08:04, Alex Peshkoff wrote:
>>> - It needs to verify (itself or in Firebird) user names and passwords
>> What about use of security context of connection from which Java was
>> called when no login/password provided?
> What "security context"?

It's in class UserId (scl.h)
     Auth::AuthenticationBlock usr_auth_block;   // Authentication block 
after mapping

It's passed by default to user-level embedded connections (like EXEC 
STATEMENT w/o login/password) and contains info making it possible to 
check does current user have enough 'power' to attach to that database 
and if yes what will be CURRENT_USER value. Also it's produced by 
authentication plugins both in remote server and in extds code.

>
>>> So if engine does not verify it, we should create a service specific for
>>> that: verify user names and passwords. Looks bad solution than initial
>>> one presented in this thread.
>> Engine _can_ verify login/password but this is not default for it.
>> Can FB/Java add to DPB, passed by user in attachDatabase, specific tag
>> (i.e. isc_dpb_validation_needed)? That will be enough.
>>
>>
> Do you talk about possible changes?
>
> I do not see isc_dpb_validation_needed in the code.
>

Yes.