Logo
Authority

Authority #

It is used to set up initial user to login compute node, and authority data of storage node.

Configuration Item Explanation #

authority:
  users:
    - user: # Specify the username, and authorized host for logging in to the compute node. Format: <username>@<hostname>. When the hostname is % or an empty string, it indicates that the authorized host is not limited.
      password: # Password
  privilege:
    type: # Privilege provider type. The default value is ALL_PERMITTED.

Example #

ALL_PERMITTED #

authority:
  users:
    - user: root@localhost
      password: root
    - user: my_user@
      password: pwd
  privilege:
    type: ALL_PERMITTED

The above configuration indicates:

  • The user root can connect to Proxy only through localhost, and the password is root.
  • The user my_user can connect to Proxy through any host, and the password is pwd.
  • The privilege type is ALL_PERMITTED, which indicates that users are granted all authorities by default without authentication.

DATABASE_PERMITTED #

authority:
  users:
    - user: root@localhost
      password: root
    - user: my_user@
      password: pwd
  privilege:
    type: DATABASE_PERMITTED
    props:
      user-database-mappings: root@=sharding_db, root@=test_db, my_user@127.0.0.1=sharding_db

The above configuration means:

  • The user root can access sharding_db when connecting from any host
  • The user root can access test_db when connecting from any host
  • The user my_user can access sharding_db only when connected from 127.0.0.1

Refer to Authority Provider for more implementations.