PostgreSQL: scram-sha-256 authentication?

KarenA · December 16, 2021, 11:41pm

First I am clueless about such things so forgive me if I am asking dumb questions.

Locking at the docs on the PostgreSQL website for the current version, it prefers the use of SCRAM-SHA-256 authentication, as it is the most secure, but says that it is not supposed by older libraries which use md5.

the Xojo PostgreSQLDatabse docs:

http://documentation.xojo.com/api/databases/postgresqldatabase.html

only say the Xojo plugin supports md5. It says nothing about scram-sha-256… so I assumed Xojo did not support it…

I was going to file a feedback to support scram-sha-256, but i found in feedback that apparently it has been implemented…

As the docs are silent on scram-sha-256, if out actually does support it, is there anything I need to specify on the DB instance for it to use scram-sha-256, or is that handled by the plugin through handshaking with the server?

Thanks,
-Karen

Rick_Araujo · December 17, 2021, 12:09am

I think that Xojo 2021 2.1+ handles it. Because I remember a mention of it having the libpq client library updated to version 13.2 in all platforms in that release.

KarenA · December 17, 2021, 12:27am

So it is an omission in the docs I guess.

Do I somehow have to tell the plugin what type of authentication to use or does it figure it out itself?

Another question on logging in… The Postgre Docs say if no timeout is specified, it will wait forever to connect … Does the plugin have a default connection timeout built, in or do we need to specify one?

-Karen

MarkusR · December 17, 2021, 6:55am

i remember it came with postgre 13.x
12.x was ok for xojo.

xojo made adjustments (i believe in 2021) as rick said.