sspi

Discussion of open issues, suggestions and bugs regarding ADO.NET provider for PostgreSQL
cjbiggs
Posts: 105
Joined: Fri 15 Jan 2010 19:56

Post by cjbiggs » Wed 22 Jun 2011 13:42

So I can test it will my own application that is using dotConnect for PostgresSQL 5.30.172 and Entity Framework creating the connection using the DBProviderFactory in the machine.config? Why can't I just replace my currently installed assemblies with the test assemblies and use my application to do the test? Send me a test application if I can use my own application. Email it to [email protected]

Thanks,

Charlie J.

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Post by Shalex » Thu 23 Jun 2011 06:46

1. Unfortunately, we cannot find your e-mail (djmail at redshfit*com) among registered users' e-mails. Could you please send me (alexsh at devart*com, cc: sales devart*com) your registration name, company, order number (if possible) to identify your license?
2. The assemblies that were emailed to you can be used only for opening connection. Create a console application and try to open a connection using the test assemblies with the following connection string:

Code: Select all

PgSqlConnection conn = new PgSqlConnection("Host=***;Port=***; Database=***;Integrated Security=True");
conn.Open();
Could you please confirm that the SSPI connection works correctly in your environment?

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Post by Shalex » Tue 05 Jul 2011 14:11

Charlie, could you please confirm that the SSPI connection works correctly in your environment?

cjbiggs
Posts: 105
Joined: Fri 15 Jan 2010 19:56

Post by cjbiggs » Sat 09 Jul 2011 14:55

I notice that SSPI Authenication Support was added in dotConnect for PostgreSQL 5.30.185. Does this support my case where I am using Entity Framework and DBProviderFactory in my web.config? Or do I still have to use only the coding method mention below

PgSqlConnection conn = new PgSqlConnection("Host=***;Port=***; Database=***;Integrated Security=True");
conn.Open();

Thanks,

Charlie J.

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Post by Shalex » Mon 11 Jul 2011 11:56

There should be no difference between using SSPI with PgSqlConnection and with Entity Framework via DBProviderFactory, because internal implementation of Entity Framework uses the same PgSqlConnection object.

We have asked you (with no confirmation from your side) whether simple SSPI connection via PgSqlConnection works or not. If PgSqlConnection works, the feature is implemented correctly, and the issue with EF application can be caused by other reasons (e.g., your web server is not configured for Windows integrated authentication).

1. Try the code from your previous post and notify us about the results.
2. Tell us the exact text of the error message and your call stack which you are getting in your Entity Framework application. Also please describe your scenario (where and how you are deploying your application, etc).

cjbiggs
Posts: 105
Joined: Fri 15 Jan 2010 19:56

Post by cjbiggs » Thu 14 Jul 2011 01:21

This did not work for me. I am using the latest dotConnection for Postgres 5.30.185 Postgres 9.x on a FreeBSD server. I am getting unsupported Authenication with I am using the Entity Developer to connect to my Database running on FreeBSD with integrated security = true. The Npgsql Provider supports SSPI/GSSPI.

It is easy to reproduce. Just install a Postgres 9.x on a FreeBSD Server and configure for Windows Authenciation and try to connect.

Thanks,

Charlie J.

cjbiggs
Posts: 105
Joined: Fri 15 Jan 2010 19:56

Post by cjbiggs » Mon 18 Jul 2011 13:30

Any reply or update on my issues about SSPI/GSSPI?

Thanks,

Charlie J.

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Post by Shalex » Tue 19 Jul 2011 07:17

Are you using SSPI or GSS authentication type?
The request was to support the SSPI authentication type, and we have implemented this feature (we have received a confirmation from our customer Patrick Greenwald that SSPI works in his environment). Please try SSPI and notify us about the results.

cjbiggs
Posts: 105
Joined: Fri 15 Jan 2010 19:56

Post by cjbiggs » Tue 19 Jul 2011 13:25

I am sure SSPI is working for Windows to Windows Authenication. I am doing Windows to FreeBSD (Postgres). It doesnt work for my scenario. NpgSQL works for both the SSPI and GSSPI case. Will there be support for GSSPI? SSPI is a proprietary variant of GSSAPI. The tokens generated and accepted by the SSPI are mostly compatible with the GSS-API so an SSPI client on Windows may be able to authenticate with a GSS-API server on UNIX depending on the specific circumstances.

Thanks,

Charlie J.

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Post by Shalex » Wed 20 Jul 2011 12:56

We have supported GSSAPI authentication type. Look forward to the next build of dotConnect for PostgreSQL to test it in your environment.

cjbiggs
Posts: 105
Joined: Fri 15 Jan 2010 19:56

Post by cjbiggs » Wed 20 Jul 2011 13:13

That would be Great. Thanks. Looking Forward to it.

Charlie J.

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Post by Shalex » Fri 29 Jul 2011 08:15

Charlie, please try the new 5.30.196 build of dotConnect for PostgreSQL and notify us if GSSAPI authentication type works.

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Post by Shalex » Tue 09 Aug 2011 11:24

Charlie, does GSSAPI authentication type work in dotConnect for PostgreSQL v 5.30.196?

cjbiggs
Posts: 105
Joined: Fri 15 Jan 2010 19:56

Post by cjbiggs » Wed 24 Aug 2011 17:47

No. The GSSPI did not work. Here is the stack track

accepting GSS security context failedDescription: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: Devart.Data.PostgreSql.PgSqlException: accepting GSS security context failed

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:

[PgSqlException (0x80004005): accepting GSS security context failed] Devart.Data.PostgreSql.ag.af() +654 Devart.Data.PostgreSql.ag.a() +25 Devart.Common.DbConnectionFactory.a(DbConnectionBase A_0) +341 Devart.Common.DbConnectionClosed.Open(DbConnectionBase outerConnection) +145 Devart.Common.DbConnectionBase.Open() +216 Devart.Data.PostgreSql.PgSqlConnection.Open() +259 System.Data.EntityClient.EntityConnection.OpenStoreConnectionIf(Boolean openCondition, DbConnection storeConnectionToOpen, DbConnection originalConnection, String exceptionCode, String attemptedOperation, Boolean& closeStoreConnectionOnFailure) +52

Here is the Connection String in my web.config

connection string =


Postgres Server Log

Postgresql server log =
2011-08-24 10:35:28.341 PDTFATAL: accepting GSS security context failed
2011-08-24 10:35:28.341 PDTDETAIL: An unsupported mechanism was requested: unknown mech-code 0 for mech unknown

cjbiggs
Posts: 105
Joined: Fri 15 Jan 2010 19:56

Post by cjbiggs » Fri 26 Aug 2011 14:30

Any update on the GSSAPI implementation? Can you send my sample test application incase I am doing something wrong in my application?

Thanks,

Charlie J.

Post Reply