Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-11340

Allow multiple alternative authentication methods for the same user

    XMLWordPrintable

    Details

      Description

      In some cases there is a need to authenticate the same user in different means, more specifically multiple different authentications methods, or IDENTIFIED BY clauses for the same user. The adjusted CREATE USER syntax would allow multiple IDENTIFIED BY sections for one single user.

      Questions:

      • What logic should be applied? All of authentication methods should succeed? One of them should succeed? Should we allow complex rules like (first_auth OR second_auth) AND third_auth ? Or, instead of AND/OR may be we should go with PAM model or sufficient/required/etc?
      • What syntax should be used?
      • stuff like SET PASSWORD — will they be not allowed? allowed? if allowed, how will they work?
      • where the new authentication rules will be stored, in what table, what columns?

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              serg Sergei Golubchik
              Reporter:
              karlsson Anders Karlsson
              Votes:
              1 Vote for this issue
              Watchers:
              16 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: