hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-862: Implement GSSAPI backend authentication

Browse Source 
The GSSAPI backend authentication is based on tokens.  The server first
sends the service principal name which is used for token generation. The
client then retrieves a token from the GSSAPI server which it sends to the
backend server. If the server can verify the authenticity of the token,
authentication is successful.

This module can be used with both GSSAPIAuth and MySQLAuth modules.
This commit is contained in:
Markus Makela
2016-10-05 22:59:25 +03:00
parent 5d96faedd8
commit a2a8562c39
5 changed files with 191 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/modules/protocol/MySQL/mysql_common.c
View File

@ -1354,7 +1354,7 @@ mxs_auth_state_t gw_send_backend_auth(DCB *dcb)
*/
const char* auth_plugin_name = DEFAULT_MYSQL_AUTH_PLUGIN;
long bytes = response_length(conn, local_session.user, local_session.client_sha1,
long bytes = response_length(conn, local_session.user, curr_passwd,
local_session.db, auth_plugin_name);
// allocating the GWBUF