Pluggable Authentication and Authorization Modules in MySQL

Brian and Trudy have been busy entering design documents into the MySQL Forge wiki on a proposed pluggable authentication module system for MySQL, along with a related design document for pluggable authorization as well.

This discussion area and document is timely indeed. Over the last couple weeks, I have seen a number of mentions over on freenode #mysql about whether MySQL plans to support pluggable authentication modules, as well as recent ongoing discussion about the topic on the internals mailing list. The concept is one which I hinted about in “Pro MySQL” when I wrote about User Administration in Chapter 15, and the fact that it would be nice to have a role-based implementation similar to other RDBMS systems.

The design documents linked above are an excellent, in-depth discussion regarding the proposed feature set involved. I know that Baron Schwartz recently wrote about role-based authentication, and I have met numerous developers at conferences who have asked if MySQL will eventually support external authentication, such as via ActiveDirectory or LDAP. Well, the pluggable support documents are what you need to read if you are interested and/or willing to contribute to the discussions about this feature arena. Please head over to the Forge wiki, read the documentation, and send in suggestions, or simply start a discussion on the wiki itself.