480 lines
16 KiB
Plaintext
480 lines
16 KiB
Plaintext
|
|
|
|
=======================================================================================
|
|
Checking the password expiry with the users created with all 3 plugable authentication
|
|
=======================================================================================
|
|
|
|
set @default_plugin= @@global.default_authentication_plugin;
|
|
Creating a user with respect to all the 2 password authentication plugin
|
|
**** Creating user with @default_plugin plugin
|
|
CREATE USER 'Tanjotuser1'@'localhost' IDENTIFIED BY 'abc';
|
|
**** Creating user with sha256_password plugin
|
|
CREATE USER 'Tanjotuser3'@'localhost' IDENTIFIED WITH 'sha256_password';
|
|
SET PASSWORD for 'Tanjotuser3'@'localhost' = 'abc';
|
|
**** Validating the plugin names
|
|
select (select plugin from mysql.user where User='Tanjotuser1' and Host='localhost')=@default_plugin;
|
|
(select plugin from mysql.user where User='Tanjotuser1' and Host='localhost')=@default_plugin
|
|
1
|
|
1 Expected
|
|
select (select plugin from mysql.user where User='Tanjotuser3' and Host='localhost')='sha256_password';
|
|
(select plugin from mysql.user where User='Tanjotuser3' and Host='localhost')='sha256_password'
|
|
1
|
|
1 Expected
|
|
**** Validating the password expiry flag in the mysql.user table
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
**** Expirying password from root login for the 2 created users
|
|
Alter user 'Tanjotuser1'@'localhost' password expire;
|
|
ERROR 42000: Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
Alter user 'Tanjotuser3'@'localhost' password expire;
|
|
ERROR 42000: Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** Validating the password expiry flag in the mysql.user table should not be altered
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
**** These 2 users still should be able to login and work properly
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** Expirying password from root login for the 2 created users using Alter user
|
|
Alter user 'Tanjotuser1'@'localhost' password expire;
|
|
Alter user 'Tanjotuser3'@'localhost' password expire;
|
|
**** Validating the password expiry flag in the mysql.user table
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='Y';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='Y'
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='Y';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='Y'
|
|
1
|
|
1 Expected
|
|
**** checking user access after password expiry
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
At the same time the open sessions for these users should able to work properly.
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
setting passwords from the new connections.
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
set password='abcd';
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
set password='abcd';
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
**** logging the 2 users with the new passwords
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
Disconnecting the open sessions and dropping the created users
|
|
drop user 'Tanjotuser1'@'localhost';
|
|
drop user 'Tanjotuser3'@'localhost';
|
|
|
|
|
|
=======================================================================================
|
|
Checking the password expiry using the update command on mysql.user table
|
|
=======================================================================================
|
|
|
|
Creating a user with respect to all the 2 password authentication plugin
|
|
**** Creating user with @default_plugin plugin
|
|
CREATE USER 'Tanjotuser1'@'localhost' IDENTIFIED BY 'abc';
|
|
**** Creating user with sha256_password plugin
|
|
CREATE USER 'Tanjotuser3'@'localhost' IDENTIFIED WITH 'sha256_password';
|
|
SET PASSWORD for 'Tanjotuser3'@'localhost' = 'abc';
|
|
**** Validating the plugin names
|
|
select (select plugin from mysql.user where User='Tanjotuser1' and Host='localhost')=@default_plugin;
|
|
(select plugin from mysql.user where User='Tanjotuser1' and Host='localhost')=@default_plugin
|
|
1
|
|
1 Expected
|
|
select (select plugin from mysql.user where User='Tanjotuser3' and Host='localhost')='sha256_password';
|
|
(select plugin from mysql.user where User='Tanjotuser3' and Host='localhost')='sha256_password'
|
|
1
|
|
1 Expected
|
|
**** Validating the password expiry flag in the mysql.user table
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
**** Making connections from each of these created users
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** Expirying password from root login for the 2 created users using update command
|
|
update mysql.user set password_expired='Y' where User='Tanjotuser1' and Host='localhost';
|
|
update mysql.user set password_expired='Y' where User='Tanjotuser3' and Host='localhost';
|
|
**** connecting client before flush privileges
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** flush privileges
|
|
flush privileges;
|
|
**** connecting client after flush privileges
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
**** checking the previous open connections
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** Resetting the password
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
set password='abcd';
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
set password='abcd';
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
**** Logging with the new password
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** connecting client after resetting the password
|
|
Disconnecting the open sessions and dropping the created users
|
|
drop user 'Tanjotuser1'@'localhost';
|
|
drop user 'Tanjotuser3'@'localhost';
|
|
|
|
|
|
=================================================================================================
|
|
Starting the server with the default authentication sha256_password
|
|
=================================================================================================
|
|
|
|
# Restart server with default-authentication-plugin=sha256_password;
|
|
|
|
|
|
=======================================================================================
|
|
Checking the password expiry with the users created with all 2 plugable authentication
|
|
=======================================================================================
|
|
|
|
Creating a user with respect to all the 2 password authentication plugin
|
|
**** Creating user with mysql_native_password plugin
|
|
CREATE USER 'Tanjotuser1'@'localhost' IDENTIFIED WITH 'mysql_native_password';
|
|
SET PASSWORD for 'Tanjotuser1'@'localhost' = 'abc';
|
|
**** Creating user with sha256_password plugin
|
|
CREATE USER 'Tanjotuser3'@'localhost' IDENTIFIED WITH 'sha256_password';
|
|
SET PASSWORD for 'Tanjotuser3'@'localhost' = 'abc';
|
|
**** Validating the plugin names
|
|
select (select plugin from mysql.user where User='Tanjotuser1' and Host='localhost')='mysql_native_password';
|
|
(select plugin from mysql.user where User='Tanjotuser1' and Host='localhost')='mysql_native_password'
|
|
1
|
|
1 Expected
|
|
select (select plugin from mysql.user where User='Tanjotuser3' and Host='localhost')='sha256_password';
|
|
(select plugin from mysql.user where User='Tanjotuser3' and Host='localhost')='sha256_password'
|
|
1
|
|
1 Expected
|
|
**** Validating the password expiry flag in the mysql.user table
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
**** Expirying password from root login for the 2 created users
|
|
Alter user 'Tanjotuser1'@'localhost' password expire;
|
|
ERROR 42000: Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
Alter user 'Tanjotuser3'@'localhost' password expire;
|
|
ERROR 42000: Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** Validating the password expiry flag in the mysql.user table should not be altered
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
**** These 2 users still should be able to login and work properly
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** Expirying password from root login for the 2 created users using Alter user
|
|
Alter user 'Tanjotuser1'@'localhost' password expire;
|
|
Alter user 'Tanjotuser3'@'localhost' password expire;
|
|
**** Validating the password expiry flag in the mysql.user table
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='Y';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='Y'
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='Y';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='Y'
|
|
1
|
|
1 Expected
|
|
**** checking user access after password expiry
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
At the same time the open sessions for these users should able to work properly.
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
setting passwords from the new connections.
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
set password='abcd';
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
set password='abcd';
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
**** logging the 2 users with the new passwords
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
Disconnecting the open sessions and dropping the created users
|
|
drop user 'Tanjotuser1'@'localhost';
|
|
drop user 'Tanjotuser3'@'localhost';
|
|
|
|
|
|
=======================================================================================
|
|
Checking the password expiry using the update command on mysql.user table
|
|
=======================================================================================
|
|
|
|
Creating a user with respect to all the 2 password authentication plugin
|
|
**** Creating user with mysql_native_password plugin
|
|
CREATE USER 'Tanjotuser1'@'localhost' IDENTIFIED WITH 'mysql_native_password';
|
|
SET PASSWORD for 'Tanjotuser1'@'localhost' = 'abc';
|
|
**** Creating user with sha256_password plugin
|
|
CREATE USER 'Tanjotuser3'@'localhost' IDENTIFIED WITH 'sha256_password';
|
|
SET PASSWORD for 'Tanjotuser3'@'localhost' = 'abc';
|
|
**** Validating the plugin names
|
|
select (select plugin from mysql.user where User='Tanjotuser1' and Host='localhost')='mysql_native_password';
|
|
(select plugin from mysql.user where User='Tanjotuser1' and Host='localhost')='mysql_native_password'
|
|
1
|
|
1 Expected
|
|
select (select plugin from mysql.user where User='Tanjotuser3' and Host='localhost')='sha256_password';
|
|
(select plugin from mysql.user where User='Tanjotuser3' and Host='localhost')='sha256_password'
|
|
1
|
|
1 Expected
|
|
**** Validating the password expiry flag in the mysql.user table
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
**** Making connections from each of these created users
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** Expirying password from root login for the 2 created users using update command
|
|
update mysql.user set password_expired='Y' where User='Tanjotuser1' and Host='localhost';
|
|
update mysql.user set password_expired='Y' where User='Tanjotuser3' and Host='localhost';
|
|
**** connecting client before flush privileges
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** flush privileges
|
|
flush privileges;
|
|
**** connecting client after flush privileges
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
select 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
**** checking the previous open connections
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** Resetting the password
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
set password='abcd';
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser1' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
set password='abcd';
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select (select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N';
|
|
(select password_expired from mysql.user where User='Tanjotuser3' and Host='localhost')='N'
|
|
1
|
|
1 Expected
|
|
**** Logging with the new password
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
select 1;
|
|
1
|
|
1
|
|
1 Expected
|
|
**** connecting client after resetting the password
|
|
#
|
|
# WL#2284: Increase the length of a user name
|
|
#
|
|
CREATE USER user_name_len_25_01234567@localhost IDENTIFIED BY 'password' PASSWORD EXPIRE;
|
|
SELECT 1;
|
|
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
|
|
SET PASSWORD FOR user_name_len_25_01234567@localhost = 'abc';
|
|
SELECT 1;
|
|
1
|
|
1
|
|
Disconnecting the open sessions and dropping the created users
|
|
DROP USER user_name_len_25_01234567@localhost;
|
|
drop user 'Tanjotuser1'@'localhost';
|
|
drop user 'Tanjotuser3'@'localhost';
|