Database Reference
In-Depth Information
Multi-user authentication
We might want to allow a single copy of phpMyAdmin to be used by a group of
persons, each having their own MySQL username and password, and seeing only the
databases they have rights to. Or we might prefer to avoid having our username and
password in clear text in
config.inc.php
.
Authentication types offered
Instead of relying on a username and password stored in
config.inc.php
,
phpMyAdmin will communicate with the browser and get authentication data from
it. This enables
true login
for all users defined in a specific MySQL server, without
having to define them in the configuration file. There are three modes offered that
allow a controlled login to MySQL via phpMyAdmin—
http
,
cookie
,
and
signon
.
We will have to choose the one that suits our specific situation and environment
(more on this in a moment). The
http
and
cookie
modes may require that we first
define a control user.
The control user
Defining the control user has two purposes:
•
On a MySQL server previous to version 4.1.2 or running with
--skip-show-
database
, the control user permits the use of multi-user authentication. This
aspect is described in the current section.
On all versions of MySQL server, this user is necessary to be able to use the
•
advanced relational features of phpMyAdmin, which are described starting
at Chapter 11.
To be able to use authentication types for every kind of MySQL user (in MySQL, user
privileges may be expressed in various ways), we should define a control user and a
password in the server-specific section of a server. If we do not define one, users who
have been defined in MySQL with a syntax of
'user'@'hostname'
or
'user'@'%'
,
will be able to function normally with phpMyAdmin's features like creating a
database, while others won't.
For authentication purposes, the control user is a special user (the usual name we
choose for it is
pma
) who has the rights to read some fields in the special mysql
database (which contains all the user definitions). phpMyAdmin sends queries
with this special control user only for the specific needs of authentication, and not
for normal operation. The commands to create the control user are available in
phpMyAdmin's
Documentation.html
and may vary from one version to the other.
This documentation contains the most current commands.
Search WWH ::
Custom Search