User identification
The user identification and authentication feature is used to verify the identity of users accessing the database and to determine if they can be associated with a specific database user. It also controls the user's access to data in the database based on the permissions of the associated database user.
In seekdb, user authentication refers to the process where a client provides valid user credentials when attempting to access the seekdb server. If the seekdb server confirms that the provided credentials are valid, it allows the client to access seekdb. seekdb uses a protocol called MySQL Authentication Protocol (MAPI) for user authentication. This protocol authenticates users based on their MySQL client account on the client machine. In other words, only clients with the correct username and password can connect to the seekdb server. When a client sends a connection request, the seekdb server sends a random identifier to the client. The client must decode this identifier using the correct username and password and then send the decoded result back to the server. If the result is correct, the seekdb server allows the client to connect.
Example
In seekdb, a user is defined by the combination of user_name and host. Use the following statement to create three users with the same username.
Example:
create user 'u1'@'%' identified by '*******';
create user 'u1'@'10.xxx.xxx.1' identified by '*******';
create user 'u1'@'10.xxx.xxx.2' identified by '*******';
Where:
%: allows any client IP address to connect.10.xxx.xxx.1: allows only the IP address10.xxx.xxx.1to connect.10.xxx.xxx.2: allows only the IP address10.xxx.xxx.2to connect.
When a user logs in, seekdb controls the login based on the match of user_name, client_ip, and password.