MySQL 5.5 is currently in the Release Candidate phase and making
good
progress on the way to being a Generally Available release.
There
are many new features that will improve performance, make
service
more robust, and generally make life better for DBAs. But
since
5.5.7 was released for evaluation in October, there has not been
a
lot of attention given to the changes in authentication.
To greatly simplify, MySQL has a table with a list of users and
a
list of hosts from which those users are allowed access. So
user
'jones' and the host they connect from are checked to make sure
they
are allowed access. If they match, they can access the
instance.
As of 5.5.7, MySQL authentication now supports pluggable
authentication and proxies. So now you can use PAM, Windows
native
authentication, LDAP, or something similar to control user
accounts.
Or …
I just saw that MySQL 5.5.7 RC had been released, and reading the
releasenotes made me more than a fair bit suspicious. In some
kind of general agreement on what constitutes a "beta" release,
this is when the software has reached a level of maturity when no
more major features are to be introduced. MySQL (and many others)
has broken that rule at times, and the rule is not enforced or
something.
What constitutes an RC release though, in my mind, but I really
want to know what you think, is software that is really 100%
feature complete. There may be, but hopefully there aren't, even
any major bugs to iron out. In short, it is "A Candidate to
Release", and as close to GA as you can get. I have not seen this
rule broken much, really.
With MySQL 5.5.7, this is an rc, as was the previous release,
5.5.6, and this time there is a really major feature introduced
between these two release, pluggable authentication. And before I …
A key differentiator in Drizzle from it’s original MySQL roots is user based authentication. Gone is the host/user and schema/table/column model that was stored in the MyISAM based mysql.user table.
Authentication is now completely pluggable, leveraging existing systems such as PAM, LDAP via PAM and Http authentication.
In this post I’ll talk about HTTP authentication which requires an external http server to implement successfully. You can look at Part 1 for …
[Read more]
This Thursday (February 25th, 13:00 UTC - way
earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL.
According to Darren, the author of the plugin, Securich is an
incredibly handy and versatile tool for managing user privileges
on MySQL through the use of roles. It basically makes granting
and revoking rights a piece of cake, not to mention added
security it provides through password expiry and password
history, the customization level it permits, the fact that it
runs on any MySQL 5.0 or later and it's easily deployable on any
official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.
For MySQL University sessions, point your …
[Read more]
This Thursday (February 25th, 13:00 UTC - way
earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL.
According to Darren, the author of the plugin, Securich is an
incredibly handy and versatile tool for managing user privileges
on MySQL through the use of roles. It basically makes granting
and revoking rights a piece of cake, not to mention added
security it provides through password expiry and password
history, the customization level it permits, the fact that it
runs on any MySQL 5.0 or later and it's easily deployable on any
official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.
For MySQL University sessions, point your …
[Read more]
This Thursday (February 25th, 13:00 UTC - way
earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL.
According to Darren, the author of the plugin, Securich is an
incredibly handy and versatile tool for managing user privileges
on MySQL through the use of roles. It basically makes granting
and revoking rights a piece of cake, not to mention added
security it provides through password expiry and password
history, the customization level it permits, the fact that it
runs on any MySQL 5.0 or later and it's easily deployable on any
official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.
For MySQL University sessions, point your …
[Read more]Reminder, mark you callendar:
Wednesday January 27th, Join the Sun Startup Essentials Webinar on Security for Web Applications.
A key success factor for Web startups is to protect their applications and data from different security threats. Join this webinar to learn about security challenges and about key solutions such as encryption, authentication, certificates, secure and fault-tolerant storage, chrooted environments. The Sun Startup Essentials experts will also cover how to implement these solutions at minimal cost by using standard and open components such as Solaris, Apache, MySQL, ZFS and more.
Registration limited to members of the Sun Startup Essentials program.
Your company is less than 6 year and 150 employee: Join Sun Startup Essentials >>
Reminder, mark you callendar:
Wednesday January 27th, Join the Sun Startup Essentials Webinar on Security for Web Applications.
A key success factor for Web startups is to protect their applications and data from different security threats. Join this webinar to learn about security challenges and about key solutions such as encryption, authentication, certificates, secure and fault-tolerant storage, chrooted environments. The Sun Startup Essentials experts will also cover how to implement these solutions at minimal cost by using standard and open components such as Solaris, Apache, MySQL, ZFS and more.
Registration limited to members of the Sun Startup Essentials program.
Your company is less than 6 year and 150 employee: Join Sun Startup Essentials >>
Reminder, mark you callendar:
Wednesday January 27th, Join the Sun Startup Essentials Webinar on Security for Web Applications.
A key success factor for Web startups is to protect their applications and data from different security threats. Join this webinar to learn about security challenges and about key solutions such as encryption, authentication, certificates, secure and fault-tolerant storage, chrooted environments. The Sun Startup Essentials experts will also cover how to implement these solutions at minimal cost by using standard and open components such as Solaris, Apache, MySQL, ZFS and more.
Registration limited to members of the Sun Startup Essentials program.
Your company is less than 6 year and 150 employee: Join Sun Startup Essentials >>