stackoom
  简体   繁体   中英

Integrated authentication for mysql

 原文  2008-11-28 11:52:22       mysql/ database/ linux/ security

Question

When working with MSSQL on Windows I was used to a very convenient feature called integrated authentication. In short, being authenticated in Windows can give you access to the database, so no need to give any specific password. Now I am developing an application on Linux with no user interaction; this application needs to access a mysql database for its own purposes, so how do I let it login? I have found that even though by default a root account is created in mysql, this root account has no connection with unix root, I can use it even if I am not a superuser in Linux, and the password is blank. Of course I can create a dedicated user account in mysql for the needs of my application, but in this case I need to hard-code the password somewhere, which is not nice. Once again - there is no user interaction in my application, so no chance for someone to enter the password. I have a distinct feeling that I am missing something important here. Thanks for any advice!

4 answers

solution1
 1  2008-11-28 11:58:55

First, you really should set a password on the mysql root account...

Second, yeah, you're pretty much going to have to put the password somewhere, unless you set up the application account to use a blank password too...

solution2
 0  2008-11-28 12:18:41

You can put the settings in a .my.cnf file: 

[Client]
user=ken
password=ken
host=localhost
database=foo

You can use different config files using the --defaults-file option

Some more info on option files at dev.mysql.com

solution3
 0  2008-11-28 12:20:16

You can hard-code the password, which, as you say, is not particularly nice. Eg in PHP: 

 $connection = mysql_connect('HOSTNAME', 'USERNAME', 'PASSWORD')
   or die('Could not connect: ' . mysql_error());

 mysql_select_db('DATABASE') or die('Could not select database');

Alternatively, you could load the password in from a config file, in which case you could store it in encrypted form, but if someone can see your source-code and see how you decrypt it, they'll be able to decrypt it too.

solution4
 0  2018-10-12 08:52:09

Fast forward ten years and you can now use an authentication socket to login: 

CREATE USER 'user'@'localhost' IDENTIFIED WITH auth_socket;

From the console you can than login directly without password by: 

mysql -u user

Not quite sure how you would do the connection string from other applications in that case, I am still looking for that myself...

This method only works for local connections and not for TCP/IP connections. See MySQL Manual Chapter 11: Enabling Authentication .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Integrated Security MySQL/VB.NET Mysql authentication Java - Execute a query sent from the Client to the Server with MySQL integrated PHP MySQL authentication error Vitess MySQL authentication is not working Authentication MySQL vs PHP? MySQL Authentication Method Error MySQL Performance without Authentication Mosquitto Authentication with MYSQL Mysql authentication with Active Directory
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM