1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
#
# setting authentication for roles
#
--source include/not_embedded.inc
#identified by [password]...
#identified with ... [using ...]
#require [subject][issuer][cipher][ssl][x509]
# max_queries_per_hour | max_updates_per_hour | max_connections_per_hour | max_user_connections
#set password for ... = ...
set sql_mode='';
create role r1;
# IDENTIFIED does not apply to roles, using it forces username context
grant select on *.* to r1 identified by 'foobar';
drop user r1;
grant select on *.* to r1 identified by '';
drop user r1;
grant select on mysql.user to r1 identified by password '00000000000000000000000000000000000000000';
drop user r1;
--error ER_PLUGIN_IS_NOT_LOADED
grant select on *.* to r1 identified via plugin;
--error ER_PLUGIN_IS_NOT_LOADED
grant select on mysql.user to r1 identified via plugin using 'param';
# same for REQUIRE and mqh
grant select on *.* to r1 require subject 'foobar';
drop user r1;
grant select on mysql.user to r1 require issuer 'foobar';
drop user r1;
grant select on *.* to r1 require cipher 'foobar';
drop user r1;
grant select on mysql.user to r1 require ssl;
drop user r1;
grant select on *.* to r1 require x509;
drop user r1;
grant select on mysql.user to r1 require none;
drop user r1;
grant select on *.* to r1 with max_queries_per_hour 10;
drop user r1;
grant select on mysql.user to r1 with max_updates_per_hour 10;
drop user r1;
grant select on *.* to r1 with max_connections_per_hour 10;
drop user r1;
grant select on mysql.user to r1 with max_user_connections 10;
drop user r1;
--error ER_PASSWORD_NO_MATCH
set password for r1 = '00000000000000000000000000000000000000000';
drop role r1;
|
