[MXS-4688] Xpand unable to authenticate native users with maxscale passthrough - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 23.08.0
Component/s: Authenticator
Labels:
None
Environment:

Hide
Xpand Build : transylvania-18710 (beta 1)
MaxScale :
https://mdbe-ci-repo.mariadb.net/public/Maxscale/MXS-4506_2807b/centos/7/x86_64/maxscale-99.99.99-1.rhel.7.x86_64.rpm

Show
Xpand Build : transylvania-18710 (beta 1) MaxScale : https://mdbe-ci-repo.mariadb.net/public/Maxscale/MXS-4506_2807b/centos/7/x86_64/maxscale-99.99.99-1.rhel.7.x86_64.rpm

Description

With the authentication plugin set to clearpw_passthrouh, ldap users passed
through by maxscale are getting authenticated by xpand. But native xpand users
are not able to.

maxscale listner config:
==================
authenticator=pamauth
authenticator_options=pam_backend_mapping=clearpw_passthrough

client connection via maxscale
======================
[root@mcrae ~]# mysql --ssl -h mcrae -P 3307 -u xpanduser1 -ppassword
ERROR 1045 (HY000): [40960] Access denied: for user 'xpanduser1'@'10.2.12.190'
(using password: NO)

maxscale log:
==========
2023-07-31 11:00:37 info : (3) [MariaDBProtocol] Client from '10.2.12.190' is in progress of connecting to service 'Read-Only-Service' with SSL.
2023-07-31 11:00:37 info : (3) [MariaDBProtocol] Connection attributes: no attributes
2023-07-31 11:00:37 info : (3) [readconnroute] (Read-Only-Service); New session for server xpand1. Connections : 1
2023-07-31 11:00:37 info : (3) Started Read-Only-Service client session [3] for 'xpanduser1' from 10.2.12.190
2023-07-31 11:00:37 info : (3) Connected to 'xpand1' with thread id 318466
2023-07-31 11:00:37 error : (3) Authentication to 'xpand1' failed: 1045, #HY000: [40960] Access denied: for user 'xpanduser1'@'10.2.12.190' (using password: NO)
2023-07-31 11:00:37 error : (3) (Read-Only-Service); Authentication to 'xpand1' failed: 1045, #HY000: [40960] Access denied: for user 'xpanduser1'@'10.2.12.190' (using password: NO) (xpand1)
2023-07-31 11:00:37 info : (3) Stopped Read-Only-Service client session [3]
2023-07-31 11:00:37 info : Read 7 user@host entries from 'xpand1' for service 'Read-Only-Service'. The data was identical to existing user data.

Xpand log:
=======
2023-07-31 11:00:37.900626 UTC nid 2 oak012white.colo.sproutsys.com clxnode: INFO mysql/server/mysql_proto.c:180 auth_error(): Error authenticating Xpand user 'xpanduser1'@'10.2.12.190': Access denied: for user 'xpanduser1'@'10.2.12.190' (using password: NO)

With the above authentication settings we should allow both ldap and
native xpand users.

Attachments

Activity

People

Assignee:: Esa Korhonen

Reporter:: Daman Saini (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2023-07-31 21:57

Updated:: 2023-09-13 05:52

Resolved:: 2023-09-04 10:38

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.