search

FirebirdSQL / NETProvider

Firebird ADO.NET Data Provider
https://www.firebirdsql.org/en/net-provider/
Other
159 stars 65 forks source link

Firebird 2.5.9 embedded not working on linux #1051

Closed rKuettel closed 2 years ago

rKuettel commented 2 years ago

I encountered a Problem while trying to connect to embedded Firebird 2.5.9 on Linux. You need to specify a UserId and Password in the connectionstring, else TrustedAuth is used, which is not supported by embedded. But when you pass a UserId or Password to the embedded Server, it tries to check those in the security2.fdb. But since Authentication is not set up in embedded mode you get the following error: 

Unhandled exception. FirebirdSql.Data.FirebirdClient.FbException (0x80004005): Your user name and password are not defined. Ask your database administrator to set up a Firebird login.
 ---> FirebirdSql.Data.Common.IscException: Your user name and password are not defined. Ask your database administrator to set up a Firebird login.
   at FirebirdSql.Data.Client.Native.StatusVectorHelper.ProcessStatusVector(IntPtr[] statusVector, Charset charset, Action`1 warningMessage)
   at FirebirdSql.Data.Client.Native.FesDatabase.ProcessStatusVector(Charset charset)
   at FirebirdSql.Data.Client.Native.FesDatabase.AttachAsync(DatabaseParameterBufferBase dpb, String database, Byte[] cryptKey, CancellationToken cancellationToken)
   at FirebirdSql.Data.FirebirdClient.FbConnectionInternal.ConnectAsync(CancellationToken cancellationToken)
   at FirebirdSql.Data.FirebirdClient.FbConnectionInternal.ConnectAsync(CancellationToken cancellationToken)
   at FirebirdSql.Data.FirebirdClient.FbConnection.OpenAsync(CancellationToken cancellationToken)
   at Program.<Main>$(String[] args) in /test/app/Program.cs:line 21
   at Program.<Main>$(String[] args) in /test/app/Program.cs:line 25
   at Program.<Main>(String[] args)

In order to fix this problem, I suggest to add an additional check if it is embedded ServerType in the Connect and ConnectAsync Methods:

public async Task ConnectAsync(CancellationToken cancellationToken = default)
{
  if (!Charset.TryGetByName(_options.Charset, out var charset))
      throw new ArgumentException("Invalid character set specified.");

  try
  {
      _db = await ClientFactory.CreateDatabaseAsync(_options, cancellationToken).ConfigureAwait(false);
      var dpb = BuildDpb(_db, _options);
      if (string.IsNullOrEmpty(_options.UserID) && string.IsNullOrEmpty(_options.Password) && _options.ServerType == FbServerType.Default)
      {
          await _db.AttachWithTrustedAuthAsync(dpb, _options.Database, _options.CryptKey, cancellationToken).ConfigureAwait(false);
      }
      else
      {
          await _db.AttachAsync(dpb, _options.Database, _options.CryptKey, cancellationToken).ConfigureAwait(false);
      }
  }
  catch (IscException ex)
  {
      throw FbException.Create(ex);
  }
}

Like this you don't need to specify a UserId and Password in the connection string when connecting to Firebird embedded.

cincuranet commented 2 years ago

But since Authentication is not set up in embedded mode you get the following error:

That's not correct. Auth still applies in Embedded, i.e. you can connect as user Foo and that user does not have permissions for table T, and that works/must work.

mrotteveel commented 2 years ago

That's not correct. Auth still applies in Embedded

To clarify: in Firebird 2.5 and earlier on Linux, authentication against the security database is applied even in Embedded mode. In Firebird 3.0 and higher, authentication against the security database is no longer used for Embedded mode (just like for Windows in earlier Firebird versions)

rKuettel commented 2 years ago

It's just that with Embedded any combination with username/password works (even SYSDBA).

But when I use any combination of username/password I get the Error described in the Issue and therefore can't connect to the Database.

cincuranet commented 2 years ago

As Mark pointed out on with 2.5 and Linux (I missed you're running on Linux) the security DB is still used.

rKuettel commented 2 years ago

This means, the connection should work when I set up a User and Password with gsec, right? Because I tried that but still got the same error.

The only way I managed to establish connection was without using a username/password which required the suggested change.

cincuranet commented 2 years ago

This means, the connection should work when I set up a User and Password with gsec, right?

Yes. Or SYSDBA/masterkey (which in FB2.5 was available by default).

rKuettel commented 2 years ago

Using SYSDBA/masterkey or any other user I set up caused the same error.

cincuranet commented 2 years ago

It's better if you take this into firebird-support list.

rKuettel commented 2 years ago

I just found another solution for my Problem. Setting the environment variables ISC_USER and ISC_PASSWORD and using those credentials solved my problem.

But I'm still a bit confused why it also worked when passing no User/Pass (using my changes)

But anyway thanks for your time and help :)