mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2026-01-22 03:15:01 +01:00
Code Issues Projects Releases Packages Wiki Activity
mariadb/plugin/auth_gssapi/mysql-test/auth_gssapi/groups.test
Vladislav Vaintroub 125e172a2b MDEV-26715 Windows/installer - allow passwordless login for root 
Allow passwordless login in addition to usual login with password, when
creating 'root' user during install.

The effect of that change is that "local administrators" group are
allowed to connect as root user. This is done via gssapi authentication
plugin.

Clients that are not aware of gssapi client plugin, can still login with
password credentials.
2022-11-08 14:58:47 +01:00

70 lines
No EOL
2.1 KiB
Text
Raw Permalink Blame History

source include/windows.inc;
--replace_regex /name '[^']+'/name 'localhost'/
# Invalid group name
CREATE USER 'nosuchgroup' IDENTIFIED WITH gssapi AS 'GROUP:nosuchgroup';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
error ER_ACCESS_DENIED_ERROR;
connect (con1,localhost,nosuchuser,,);
DROP USER nosuchgroup;
# Group with no members, NULL SID
CREATE USER 'nullsid' IDENTIFIED WITH gssapi AS 'SID:S-1-0-0';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
error ER_ACCESS_DENIED_ERROR;
connect (con1,localhost,nullsid,,);
DROP USER nullsid;
# Anonymous
CREATE USER 'anonymous' IDENTIFIED WITH gssapi AS 'SID:AN';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
error ER_ACCESS_DENIED_ERROR;
connect (con1,localhost,anonymous,,);
DROP USER anonymous;
# Positive tests
# Everyone group
CREATE USER 'group_everyone' IDENTIFIED WITH gssapi AS 'GROUP:Everyone';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
connect (con1,localhost,group_everyone,,);
disconnect con1;
connection default;
DROP USER group_everyone;
# Everyone AS well-known SID name
CREATE USER 'sid_wd' IDENTIFIED WITH gssapi AS 'SID:WD';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
connect (con1,localhost,sid_wd,,);
disconnect con1;
connection default;
DROP USER sid_wd;
# Everyone AS SID S-1-1-0
CREATE USER 'S_1_1_0' IDENTIFIED WITH gssapi AS 'SID:S-1-1-0';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
connect (con1,localhost,S_1_1_0,,);
disconnect con1;
connection default;
DROP USER S_1_1_0;
replace_result $GSSAPI_SHORTNAME GSSAPI_SHORTNAME;
eval CREATE USER 'me_short' IDENTIFIED WITH gssapi AS 'GROUP:$GSSAPI_SHORTNAME';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
connect (con1,localhost,me_short,,);
disconnect con1;
connection default;
DROP USER me_short;
replace_result $SID MY-SID;
eval CREATE USER 'me_sid' IDENTIFIED WITH gssapi AS 'SID:$SID';
replace_result $MASTER_MYSOCK MASTER_MYSOCK $MASTER_MYPORT MASTER_MYPORT;
connect (con1,localhost,me_sid,,);
disconnect con1;
connection default;
DROP USER me_sid;
Reference in a new issue View git blame Copy permalink