Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Implementing rols Management with MySQL5.7-proxy

2025-02-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >

Share

Shulou(Shulou.com)06/01 Report--

1. Background

* the concept of roles manages database access. Depending on the settings of the role itself, a role can be thought of as a database user, or a group of database users. Roles can have database objects (for example, tables) and can assign permissions on those objects to other roles to control who has access to which objects. In addition, we can also grant the membership permissions of one role to other roles, thus allowing the member role to use the permissions of the role to which it is given member permissions.

* MySQL 5.7 began to use the 'proxy' agent to implement similar' rols' role management functions.

two。 Environment

* MySQL Server

Server version: 5.7.18 MySQL Community Server (GPL) Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.Oracle is a registered trademark of Oracle Corporation and/or itsaffiliates. Other names may be trademarks of their respectiveowners.Type 'help;' or'\ h' for help. Type'\ c'to clear the current input statement.mysql > select version (); +-+ | version () | +-+ | 5.7.18 | +-+ 1 row in set (0.00 sec)

3. Realize

* enable proxy user mapping

Mysql > SET @ @ global.check_proxy_users = ON;Query OK, 0 rows affected (0.00 sec) mysql > SET @ @ global.mysql_native_password_proxy_users = ON;Query OK, 0 rows affected (0.00 sec)

* create role (rols) users

Mysql > create user 'rols_it'@'127.0.0.1';Query OK, 0 rows affected (0.01 sec)

* create a normal user tom

Mysql > create user 'tom'@'127.0.0.1' identified by' 123456 question question OK, 0 rows affected (0.00 sec)

* add tom users to roles through proxy

Mysql > grant proxy on 'rols_it'@'127.0.0.1' to' tom'@'127.0.0.1';Query OK, 0 rows affected (0.00 sec)

4. test

* create a test database it

Mysql > create database it;Query OK, 1 row affected (0.00 sec)

* add database it view permission to the role (rols)

Mysql > grant select ON it.* TO 'rols_it'@'127.0.0.1';Query OK, 0 rows affected (0.00 sec)

* View role permissions

Mysql > show grants for 'rols_it'@'127.0.0.1' +-- + | Grants for rols_it@127.0.0.1 | +- -+ | GRANT USAGE ON *. * TO 'rols_it'@'127.0.0.1' | | GRANT SELECT ON `it`.* TO' rols_it'@'127.0.0.1' | +-+ 2 rows in set (0.01 sec)

* View tom user rights

Mysql > show grants for 'tom'@'127.0.0.1' +-- + | Grants for tom@127.0.0.1 | +-- -- + | GRANT USAGE ON *. * TO 'tom'@'127.0.0.1' | | GRANT PROXY ON' rols_it'@'127.0.0.1' TO 'tom'@'127.0.0.1' | +- -- + 2 rows in set (0.00 sec)

* log in to MySQL through tom users

[root@MySQL mysql_data] # mysql-utom-p123456-h227.0.0.1mysql: [Warning] Using a password on the command line interface can be insecure.Welcome to the MySQL monitor. Commands end with; or\ g.Your MySQL connection id is 14Server version: 5.7.18-log MySQL Community Server (GPL) Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.Oracle is a registered trademark of Oracle Corporation and/or itsaffiliates. Other names may be trademarks of their respectiveowners.Type 'help;' or'\ h' for help. Type'\ c' to clear the current input statement.mysql > show databases;+-+ | Database | +-+ | information_schema | | it | +-+ 2 rows in set (0.00 sec)

5. Summary

In order to demand-driven technology, there is no difference in technology itself, only in business.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Database

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report