[MXS-4816] Always fetch PAM username - Jira

XML

Word

Printable

Details

Type: Task
Status: Closed (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 23.08.1
Fix Version/s: 24.02.0
Component/s: PAM-Authenticator
Labels:
None

Description

Currently, the pam_get_item(pam_handle, PAM_USER, ...) function call is only ran if mapping is enabled in MaxScale settings. If mapping is enabled, the account is not checked. MariaDB Server always checks both. This means that pam authentication can give different results between MaxScale and Server (most likely when one username is mapped to another and the new user does not exist).

Change MaxScale to match the Server in this respect. Some differences should remain: the new username is only taken into use if mapping is enabled in settings. This way, by default, MaxScale will attempt to log in to server with the original username and server will do the same transformation as MaxScale.

Attachments

Activity

People

Assignee:: Esa Korhonen

Reporter:: Esa Korhonen

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2023-10-18 13:41

Updated:: 2023-11-03 14:49

Resolved:: 2023-10-26 12:31

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.