tags:

views:

281

answers:

3
+1  Q: 

Integrated authentication for mysql

When working with MSSQL on Windows I was used to a very convenient feature called integrated authentication. In short, being authenticated in Windows can give you access to the database, so no need to give any specific password. Now I am developing an application on Linux with no user interaction; this application needs to access a mysql database for its own purposes, so how do I let it login? I have found that even though by default a root account is created in mysql, this root account has no connection with unix root, I can use it even if I am not a superuser in Linux, and the password is blank. Of course I can create a dedicated user account in mysql for the needs of my application, but in this case I need to hard-code the password somewhere, which is not nice. Once again - there is no user interaction in my application, so no chance for someone to enter the password. I have a distinct feeling that I am missing something important here. Thanks for any advice!

+1  A: 

First, you really should set a password on the mysql root account...

Second, yeah, you're pretty much going to have to put the password somewhere, unless you set up the application account to use a blank password too...

genehack  2008-11-28 11:58:55
A: 

You can put the settings in a .my.cnf file:

[Client]
user=ken
password=ken
host=localhost
database=foo

You can use different config files using the --defaults-file option

Some more info on option files at dev.mysql.com

Ken  2008-11-28 12:18:41
Sorry, but you are not quite getting the point. I am not asking where to store the password - I can pretty much do it in the config file for my own application-but instead I would like to avoid this altogether. Windows integrated authentication means that OS credentials are mapped to DB credentials.
azerole  2008-11-28 12:34:34
A: 

You can hard-code the password, which, as you say, is not particularly nice. E.g. in PHP:

 $connection = mysql_connect('HOSTNAME', 'USERNAME', 'PASSWORD')
   or die('Could not connect: ' . mysql_error());

 mysql_select_db('DATABASE') or die('Could not select database');

Alternatively, you could load the password in from a config file, in which case you could store it in encrypted form, but if someone can see your source-code and see how you decrypt it, they'll be able to decrypt it too.

Ben  2008-11-28 12:20:16

related questions

Remove Quotes and Commas from a String in MySQL
What's the best way of converting a mysql database to a sqlite one?
How do you manage databases in development, test, and production?
Multiple foreign keys?
Add 1 to a field (MySQL)
Issues using MS Access as a front-end to a MySQL database back-end?
Bigger than a char but smaller than a blob
How do I retrieve my MySQL username and password?
Long-time LAMP Developer moving to VB.NET
How do I Concatenate entire result sets in MySQL?
Full complete MySQL database replication? Ideas? What do people do?
SQL: Distribution of table in time
SQLite vs MySQL
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Multiple Updates in MySQL
MySQL/Apache Error in PHP MySQL query
What all do I need to escape when sending a (My)SQL query?
Auto Generate Database Diagram MySQL
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
Python and MySQL
SQL Server 2005 implementation of MySQL REPLACE INTO?
How to export data from SQL Server 2005 to MySQL
Throw Error In MySQL Trigger
Binary Data in MySQL