[MDEV-26339] Account specifics to be handled before proxying - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 10.4.23, 10.5.14, 10.6.6
Component/s: Authentication and Privilege System
Labels:
None

Description

account locking should apply to the account before proxying
ssl checks should be done before proxying
password expiration should be checked before proxying

Attachments

Activity

Ascending order - Click to sort in descending order

Vladislav Vaintroub added a comment - 2021-08-10 16:44 - edited

maybe account locking should apply both before and after proxying, for both accounts, anyway this is a little ambiguous.

Vladislav Vaintroub added a comment - 2021-08-10 16:44 - edited maybe account locking should apply both before and after proxying, for both accounts, anyway this is a little ambiguous.

Ralf Gebhardt added a comment - 2021-08-10 17:35

True, none of the accounts should be used if locked.

Ralf Gebhardt added a comment - 2021-08-10 17:35 True, none of the accounts should be used if locked.

Ralf Gebhardt added a comment - 2021-08-23 19:04

This has been discussed again. Only for the connecting user it should be checked if the account is locked. After proxying is an internal usage, like done with other locked system accounts

Ralf Gebhardt added a comment - 2021-08-23 19:04 This has been discussed again. Only for the connecting user it should be checked if the account is locked. After proxying is an internal usage, like done with other locked system accounts

People

Assignee:: Sergei Golubchik

Reporter:: Ralf Gebhardt

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2021-08-10 16:20

Updated:: 2024-07-07 21:16

Resolved:: 2022-01-17 18:56

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server