使用 Java 登录的小写字母用户无法连接到 Firebird 3.0

Question

I connect with names in capital letters, but it does not want to connect with small letters in the login.

Here is a small test

String ENCODING = "WIN1251";
String CONNECTION_URL = "jdbc:firebirdsql:localhost:C:/ProgramData/test.FDB";
Properties properties = new Properties();
properties.setProperty("encoding", ENCODING);
properties.setProperty("roleName", "GUEST");
properties.setProperty("user", "smoll2");
properties.setProperty("password", "1234567a");
DriverManager.getConnection(CONNECTION_URL, properties);

java.sql.SQLInvalidAuthorizationSpecException: Your user name and password are not defined. Ask your database administrator to set up a Firebird login. [SQLState:28000, ISC error code:335544472]
    at org.firebirdsql.gds.ng.FbExceptionBuilder$Type$4.createSQLException(FbExceptionBuilder.java:572)
    at org.firebirdsql.gds.ng.FbExceptionBuilder.toFlatSQLException(FbExceptionBuilder.java:302)
    at org.firebirdsql.gds.ng.wire.AbstractWireOperations.readStatusVector(AbstractWireOperations.java:138)
    at org.firebirdsql.gds.ng.wire.AbstractWireOperations.processOperation(AbstractWireOperations.java:202)
    at org.firebirdsql.gds.ng.wire.AbstractWireOperations.readOperationResponse(AbstractWireOperations.java:161)
    at org.firebirdsql.gds.ng.wire.version13.V13WireOperations.authReceiveResponse(V13WireOperations.java:122)
    at org.firebirdsql.gds.ng.wire.version10.V10Database.authReceiveResponse(V10Database.java:569)
    at org.firebirdsql.gds.ng.wire.WireConnection.identify(WireConnection.java:309)
    at org.firebirdsql.gds.ng.wire.FbWireDatabaseFactory.performConnect(FbWireDatabaseFactory.java:51)
    at org.firebirdsql.gds.ng.wire.FbWireDatabaseFactory.connect(FbWireDatabaseFactory.java:39)
    at org.firebirdsql.gds.ng.wire.FbWireDatabaseFactory.connect(FbWireDatabaseFactory.java:32)
    at org.firebirdsql.jca.FBManagedConnection.<init>(FBManagedConnection.java:141)
    at org.firebirdsql.jca.FBManagedConnectionFactory.createManagedConnection(FBManagedConnectionFactory.java:550)
    at org.firebirdsql.jca.FBStandAloneConnectionManager.allocateConnection(FBStandAloneConnectionManager.java:65)
    at org.firebirdsql.jdbc.FBDataSource.getConnection(FBDataSource.java:124)
    at org.firebirdsql.jdbc.FBDriver.connect(FBDriver.java:137)
    at java.sql.DriverManager.getConnection(DriverManager.java:664)
    at java.sql.DriverManager.getConnection(DriverManager.java:208)

Answer 1

There are basically four situations where this authentication error will happen:

1. The user does not exist or has the wrong password
2. You created the user with a case-sensitive username, eg using CREATE USER "smoll2"... .
3. You created the user with the Legacy_UserManager, and are using Jaybird 4, which by default no longer authenticates with Legacy_Auth
4. The user is marked inactive

I assume case 1 doesn't apply here, but otherwise you need to create the user or change its password.

For case 2, it is important to realise that - since Firebird 3.0 - usernames are identifiers, and follow the same rules as identifiers. Which means unquoted names are stored in uppercase, and match case-insensitively (by means of uppercasing), while quoted names are stored exactly and are compared as is. If you created the user case-sensitively ( CREATE USER "smoll2"... ), then you need to authenticate with a quoted user name:

properties.setProperty("user", "\"smoll2\"");

If you don't do this, you are actually authenticating against the user SMOLL2 (which doesn't exist).

For case 3, since Firebird 3.0, Firebird provides multiple authentication plugins with accompanying user managers. Users exist per user manager. Since Jaybird 4, Jaybird by default only authenticates with plugins Srp256 and Srp (which share the Srp user manager). If you created your user with the Legacy_UserManager (either because it is the first configured in UserManager in firebird.conf, or because you used the using plugin Legacy_UserManager clause when creating the user), you cannot authenticate with the default settings of Jaybird, because it doesn't try the Legacy_Auth user plugin.

There are two solutions for this case:

1. Drop the user with the Legacy_UserManager and create it with the Srp user manager

2. Configure Jaybird to also try Legacy_Auth:

    properties.setProperty("authPlugins", "Srp256,Srp,Legacy_Auth");

   If you only want to try Legacy_Auth, you can remove Srp256 and Srp from the list.

As a variation of case 3, this can also occur if you have a custom user manager and authentication plugin which is not supported by Jaybird.

Finally case 4, a user can be inactive (either because it was created with the INACTIVE clause, or altered to inactive). An inactive user is not allowed to authenticate. The inactive state is ignored for Legacy_UserManager/Legacy_Auth. If a user is inactive, you can activate it again with:

alter user smoll2 set active

Be aware that it could also be a combination of 2 and 3 (using a case-sensitive username and Legacy_UserManager). You can verify which user you have, if it is active, and for which user manager, by executing the following query as SYSDBA or a user with RDB$ADMIN role in the current database and the security database:

select sec$user_name, sec$active, sec$plugin from sec$users;

For Legacy_UserManager, the SEC$ACTIVE column is NULL, as it doesn't support the active/inactive state.