xpra icon
Bug tracker and wiki

Opened 4 months ago

Closed 4 months ago

Last modified 4 months ago

#2287 closed enhancement (fixed)

mysql auth module

Reported by: Antoine Martin Owned by: Antoine Martin
Priority: minor Milestone: 3.0
Component: server Version: 2.5.x
Keywords: Cc:

Description

Should be able to re-use quite a bit of the sqlite auth module (#1488) and pave the way for more generic sql auth options (postgres, whatever).

This may also help with proxy configurations where the servers can register themselves with the proxy, as sql servers can usually be accessed remotely without requiring full user account access or ssh.

Attachments (1)

sql.patch (20.3 KB) - added by Antoine Martin 4 months ago.
generic sql auth

Download all attachments as: .zip

Change History (3)

Changed 4 months ago by Antoine Martin

Attachment: sql.patch added

generic sql auth

comment:1 Changed 4 months ago by Antoine Martin

Resolution: fixed
Status: newclosed

Done in r22621.


End to end setup and test on Fedora:

  • install mariadb:
    sudo dnf install mariadb-server
    sudo systemctl start mariadb
    
  • create a database and user for xpra authentication:
    mysql -u root mysql
    > CREATE DATABASE xpra;
    > CREATE USER 'xpra'@'localhost' IDENTIFIED BY 'xpra';
    > GRANT ALL ON xpra.* TO 'xpra'@'localhost';
    
  • verify this new user can connect to the database:
    $ mysql -u xpra -pxpra
    
  • install the python bindings for mysql:
    sudo dnf install mysql-connector-python3
    
  • create the schema:
    URI=mysql://xpra:xpra@localhost
    python3 ./xpra/server/auth/mysql_auth.py $URI create
    
  • add a test user with one TCP session on port 10000:
    python3 ./xpra/server/auth/mysql_auth.py $URI add test1 test1 1000 1000 tcp://localhost:10000/
    
  • start the session on port 10000:
    xpra start --bind-tcp=0.0.0.0:10000 --no-daemon :20
    
  • start the proxy using mysql backend authentication:
    python3 /usr/bin/xpra proxy --no-daemon --bind-tcp=0.0.0.0:14500 --tcp-auth=mysql:uri=$URI
    
  • connect a client via the proxy:
    python2 /usr/bin/xpra attach tcp://test1:test1@localhost:14500/
    
Last edited 4 months ago by Antoine Martin (previous) (diff)

comment:2 Changed 4 months ago by Antoine Martin

Follow up: #2288 - generic backend

Note: See TracTickets for help on using tickets.