php - Automatically login user to PHPMyAdmin -


i'm writing webhosting control panel our organization, , able automatically login user phpmyadmin.

  1. user logs in out control panel
  2. user clicks "manage databases"
  3. user gets redirected phpmyadmin , automatically logged in

what best way this?

of course don't want save our users' control panel account passwords in our database in plain text.

i don't think there way without knowing set of username , password. in end phpmyadmin middleware connect session database.

as far know, phpmyadmin not have own user table. tries login database credentials provided. if successful, stores credentials in cookies, although encrypted. that's why phpmyadmin asks blowfish secret in config file, store credentials more securely.

what closest can want built-in phpmyadmin, see http://wiki.phpmyadmin.net/pma/auth_types on single sign-on.

auth_type signon feature allow phpmyadmin integrate single sign-on (sso) systems. administrators can configure phpmyadmin installations mysql username , password existing sso session, allowing user sign in once control panel, example, , switching between applications such phpmyadmin without need log in again.

to me create new user each of user account e.g. user called foo might have sso-only account called foo_mysql. store foo_mysql , password (encrypted) database. when user tries access phpmyadmin admin portal, sign them on "signon" auth type setup described in http://wiki.phpmyadmin.net/pma/auth_types#signon.

a more secure way (but still have own doubt) create temporary sso-only account when needed. example, generate new random foo_4f65ca1d each time user requests access phpmyadmin admin portal. send new credentials on phpmyadmin.

once have passed phpmyadmin, phpmyadmin manages credentials usual phpmyadmin way. when user logs out portal, delete temporary user. or set scheduled task delete them after set period (probably period in sync phpmyadmin session length).

this way account behaves pretty user session. don't have store credentials, plaintext or encrypted in database.

i'm no security expert here hope fire off discussion or other more secure solutions.


Comments

Post a Comment

Popular posts from this blog

javascript - RequestAnimationFrame not working when exiting fullscreen switching space on Safari -

request animation frame stops working when exiting fullscreen clicking on original space's safari window. fine if fullscreen mode canceled escape key or calling cancelfullscreen(). steps reproduce: open https://dl.dropboxusercontent.com/u/769042/prezi/safari-fullscreen.html click "draw raf", kittie appears click "fullscreen", go fullscreen click "draw raf", kittie appears go space original safari was, showing "click exit fullscreen mode", click anywhere, out fullscreen click "draw raf", nothing happens what handling click calling: window.requestanimationframe(draw); which draws on canvas context: function draw() { ctx.drawimage(img, math.random()*500|0, math.random()*400|0, 100, 100); } i checked .hidden , .visibilitystate, updated correctly. tested on osx 10.9.3, safari 7.0.4 (9537.76.4). has workaround/solution other switching old settimeout? this sounds webkit bug 88940 : using reque
Read more

Python ctypes access violation with const pointer arguments -

i have api i'm trying wrap in python (2.7.6 on win7) code using ctypes. here's api: client_dllfunc bool clientapi search_exporttoclipcopy(clienthsearch handle, int channel, lpctstr filename, const time_t& from, const time_t& to, const bool* cameras, int length, bool usepassword, lpctstr password, bool includetextin = false, bool excludeplayer = false); the issue i'm having cameras argument; , i've had issue other const pointer arguments well. here's how i'm wrapping api: def search_exporttoclipcopy(self, hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, password, includetextin=true, excludeplayer=false): exporttoclipcopy = self.sdkdll.search_exporttoclipcopy exporttoclipcopy.argtypes = [c_int, c_int, c_wchar_p, c_long, c_long, pointer(c_bool), c_int, c_bool, c_wchar_p, c_bool, c_bool] exporttoclipcopy.restype = c_bool exporttoclipcopy(hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, pass
Read more