OS 10.1 27575 connecting to Postrgesql 13

Graeme Harris gfhwalkabout at fastmail.fm
Mon Oct 25 02:19:20 UTC 2021


Hi Doug:

Thank you again for your help.

Checked in PGadmin in postgres 13 and all users have the Encrypted 
Password based on SCRAM-SHA-256,  i do have the libpq.dylib already 
updated to libpq5.13.dylib and libpq.dylib set as an alias to 
libpq5.13.dylib as per the tech note.

For testing purposes I have VCS database set up in postgres 13 which was 
copied over from postgres 11. I have a session definition setup so that 
when omnis is started it opens up the login to the VCS on the server, 
this is where I am getting my error.



On 10/24/21 2:03 pm, Doug Easterbrook wrote:
> hi Graeme:
>
> My suggestion is only about security of connection — and I assume you 
> are logging in with the omnis $login command and a user id/password.
>
> if you use PGadmin and look in your list of users in the database with 
> postgres 13, you should see any of the SQL userids with an ENCRYPTED 
> PASSWORD that is based on 'SCRAM-SHA-256’.   kind of like below.
>
> CREATE ROLE myLoginId WITH
>   LOGIN
>   NOSUPERUSER
>   INHERIT
>   NOCREATEDB
>   CREATEROLE
>   NOREPLICATION
>   ENCRYPTED PASSWORD 
> 'SCRAM-SHA-256$4096:3GqIo+6oU0CZUAoacpQLIQ==$ZY8HovRcbaxEsGXmef1LaGMwYAZgsKp28rEMaSy0HYw=:Am5vEw4+dWVSHFr9NqpxnZlQqPyFTfqJ2n2ij0ZcxTE=';
>
>
> or, if you upgraded the db from earlier postgres, it may still look 
> like below with an ‘md5’ at the beginning of the ENCRYPTED PASSWORD.
>
> CREATE ROLE "myLoginId" WITH
>   LOGIN
>   SUPERUSER
>   INHERIT
>   NOCREATEDB
>   NOCREATEROLE
>   NOREPLICATION
>   ENCRYPTED PASSWORD 'md5c1c58fafef0f66b765dbe136f23755a2';
>
>
>
>
> older databases use  ‘MD5’ encryption and you can still use that to 
> create users in postgres 13 via SQL
>
> the SCRAM-SHA-256 is postgres new way of creating a 1-way hash on the 
> password — and that hash is more secure than MD5.     SCRAM was 
> introduced in postgres 11.
>
> more discussion on this is 
> https://www.postgresql.org/docs/11/auth-password.html
>
>
>
>
> now,   if you can’t connect to a database with a password that is 
> SCRAM-SHA-256 , then I suspect you’ll need to update your libpq.dll to 
> one that supports at least postgres 11.
>
>
> do have a look at your users via pgadmin..  depending on what you 
> indicate, I can send you a version of libpq that will work for 
> authenticated logins that we’ve been using for a long while. with 
> postgres 11,12,13 and 14.
>
>
> *
> **Doug Easterbrook*
> *Arts Management Systems Ltd.*
> mailto:doug at artsman.com <mailto:doug at artsman.com>
> http://www.artsman.com
> Phone (403) 650-1978



More information about the omnisdev-en mailing list