Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Enhancement] Authentication feature of ShardingProxy #8966

Closed
19 tasks done
tristaZero opened this issue Jan 10, 2021 · 0 comments
Closed
19 tasks done

[Enhancement] Authentication feature of ShardingProxy #8966

tristaZero opened this issue Jan 10, 2021 · 0 comments
Assignees
@jingshanglu @menghaoranss
Labels
feature:authority in: proxy type: enhancement
Milestone
5.0.0

Comments

@tristaZero
Copy link
Contributor

tristaZero commented Jan 10, 2021
edited

Introduction

This feature is the same as the authentication of MySQL or PostgreSQL. ShardingProxy has to do access control when users login in.

Three key points need to clarify

  • This issue is an enhancement feature for the current Authentication module
  • All users configured in server.yaml of ShardingProxy still work and are seen as system users.
  • We will leverage the access-control power of different Databases

Tasks

Load

  • Get users from DB and Configuration
  • Load the privilege information from databases
  • Merge privileges by rules
  • Refactor API and user configuration
  • Different implement of loading privileges from Oracle/Pg/SQLServer

Refresh

  • ShardingProxy supports create user SQL, which will be pushed down to databases
  • ShardingProxy supports grant SQL, which will be pushed down to database
  • ShardingProxy supports revoke SQL, which will be pushed down to databases
  • Refresh users and reload privileges for the SQLs above

Check

Login

  • Get the IP or hostname once users login
  • Get the user name, password once users login
  • Check users' name and password
  • SQL check interface and framework
  • SQL checking for use DB and show DB
  • SQL checking for other SQLs

Tests

  • PrivilegeBuilder
  • PrivilegeMerger
  • PrivilegeLoader
  • MetadataRefreshEngine
@tristaZero tristaZero added this to the 5.0.0-beta milestone Jan 10, 2021
This was referenced Jan 31, 2021
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Closed
This was referenced Feb 7, 2021
Merged
Merged
Merged
Merged
@jingshanglu jingshanglu mentioned this issue Feb 9, 2021
Merged
@tristaZero tristaZero mentioned this issue Feb 9, 2021
Merged
@jingshanglu jingshanglu mentioned this issue Feb 22, 2021
Merged
@tristaZero tristaZero mentioned this issue Feb 26, 2021
Merged
This was referenced Mar 3, 2021
Closed
Merged
@menghaoranss menghaoranss self-assigned this Mar 9, 2021
This was referenced Mar 10, 2021
Merged
Merged
This was referenced Mar 17, 2021
Merged
Merged
@tristaZero tristaZero mentioned this issue Mar 22, 2021
Merged
@jingshanglu jingshanglu mentioned this issue Mar 24, 2021
Merged
This was referenced Mar 25, 2021
Merged
Closed
Closed
Closed
This was referenced Apr 7, 2021
Merged
Merged
Merged
@tristaZero tristaZero modified the milestones: 5.0.0-beta, 5.0.0-RC1 Jun 10, 2021
@RaigorJiang RaigorJiang mentioned this issue Jul 22, 2021
Closed
@terrymanu terrymanu mentioned this issue Sep 26, 2021
Closed
9 tasks
@menghaoranss menghaoranss modified the milestones: 5.0.0-RC1, 5.0.0 Oct 26, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jingshanglu jingshanglu

@menghaoranss menghaoranss

Labels
feature:authority in: proxy type: enhancement
Projects
None yet
Milestone
5.0.0
Development

Successfully merging a pull request may close this issue.

Add handler for createUser of MySQL jingshanglu/shardingsphere
4 participants
@terrymanu @jingshanglu @tristaZero @menghaoranss