Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-4145

Add support for multi-MaxScale usage.



    • New Feature
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • None
    • 22.08.0
    • nosqlprotocol
    • None


      The authentication mechanisms used by NoSQL and MariaDB are sufficiently dissimilar that nosqlprotocol needs direct access to the SHA1 password of the client, to be able to log into MariaDB on behalf of the it.

      Currently, the SHA1 password is stored in a local sqlite3 database on the MaxScale host. This presents a problem when multiple MaxScale instances are used in front of the same database cluster, as a NoSQL user created via one MaxScale instance is not available on the other.

      This problem can be solved by storing the SHA1 password in a table in the MariaDB server/cluster. That way, irrespective of which MaxScale instance a NoSQL user was created on, it would immediately also be available on the other.

      As anyone with access to that table would be able to impersonate every user in that table, the SHA1 password should be encrypted using a key available only to the MaxScale instances, e.g. by specifying the encryption key in the MaxScale configuration file. That way, the setup would be just as secure/insecure as the current sqlite3 arrangement.




            johan.wikman Johan Wikman
            johan.wikman Johan Wikman
            0 Vote for this issue
            2 Start watching this issue



              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.