Library

Firebird users with the same names but different passwords

Firebird Friday Joke #7 is devoted to the often confusion of newbies in Firebird 3: the ability to have users with the same names but different passwords in different user managers.

If you have enabled 2 User Managers in firebird.conf

  AuthServer = Srp, Legacy_Auth
  UserManager = Srp, Legacy_UserManager

you can create one user with Srp (as default plugin), and another with Legacy_UserManager.

SQL> CREATE USER newuser PASSWORD '12345';
SQL> CREATE USER newuser PASSWORD '67890' using plugin Legacy_UserManager;
SQL> exit;

and then log in to the database with the same usernames, but different passwords

Then, try the following


E:\testFB\Firebird_3_0>isql  localhost/3058:d:\o30copy.fdb  -user newuser -pass 12345
Database: localhost/3058:d:\o30copy.fdb, User: NEWUSER
SQL> exit;

E:\testFB\Firebird_3_0>isql  localhost/3058:d:\o30copy.fdb  -user newuser -pass 67890
Database: localhost/3058:d:\o30copy.fdb, User: NEWUSER
SQL> exit;

We can identify these users:
SQL> select SEC$USER_NAME, SEC$PLUGIN from sec$users;

SEC$USER_NAME                   SEC$PLUGIN
=============================== ===============================
NEWUSER                         Srp
NEWUSER                         Legacy_UserManager

But we cannot tell which user has what password :)