Modify the password and privilege checking logic #2372
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
morningman
force-pushed
the
password_match
branch
2 times, most recently
from
4981206 to
156b8f2
Compare
imay
reviewed
Dec 5, 2019
fe/src/main/java/org/apache/doris/mysql/privilege/UserProperty.java
Outdated
Show resolved
Hide resolved
fe/src/main/java/org/apache/doris/mysql/privilege/PrivTable.java
Outdated
Show resolved
Hide resolved
tmp commit 2nd commit fix ut change version to 67 fix show bug fix show bug 2 add doc fix bug 5 rebase master, change metaversion to 68 modify thrift fix by review update version to 69 fix ut
morningman
force-pushed
the
password_match
branch
from
dbddaeb to
a7837ce
Compare
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Password checking logic
There are some problems with the current password and permission checking logic. For example:
First, we create a user by:
create user cmy@"%" identified by "12345";And then 'cmy' can login with password '12345' from any hosts.
Second, we create another user by:
create user cmy@"192.168.%" identified by "abcde";Because "192.168.%" has a higher priority in the permission table than "%". So when "cmy" try
to login in by password "12345" from host "192.168.1.1", it should match the second permission
entry, and will be rejected because of invalid password.
But in current implementation, Doris will continue to check password on first entry, than let it pass. So we should change it.
Permission checking logic
After a user login, it should has a unique identity which is got from permission table. For example,
when "cmy" from host "192.168.1.1" login, it's identity should be
cmy@"192.168.%". And Dorisshould use this identity to check other permission, not by using the user's real identity, which is
cmy@"192.168.1.1".Black list
Functionally speaking, Doris only support adding WHITE LIST, which is to allow user to login from
those hosts in the white list. But is some cases, we do need a BLACK LIST function.
Fortunately, by changing the logic described above, we can simulate the effect of the BLACK LIST.
For example, First we add a user by:
create user cmy@'%' identified by '12345';And now user 'cmy' can login from any hosts. and if we don't want 'cmy' to login from host A, we
can add a new user by:
create user cmy@'A' identified by 'other_passwd';Because "A" has a higher priority in the permission table than "%". If 'cmy' try to login from A using password '12345', it will be rejected.
ISSUE #2205