Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New setting in Server Configuration to on/off AuthType Plaintext_password and No_password #34738

Merged
merged 6 commits into from
Mar 14, 2022
Merged

New setting in Server Configuration to on/off AuthType Plaintext_password and No_password #34738

merged 6 commits into from
Mar 14, 2022

Conversation

HeenaBansal2009
Copy link
Contributor

@HeenaBansal2009 HeenaBansal2009 commented Feb 18, 2022
edited
Loading

Changelog category (leave one):

  • New Feature
     
    Changelog entry :
    A new settings called <allow_plaintext_password><allow_no_password> is added in server configuration which on/off insecure AUTH_TYPE plaintext-password and no_password.
    By default the property is set to true which means authType Plaintext_password & NO_password is allowed.

Detailed description / Documentation draft:
Currently clickhouse user can store the password in configuration file and user access entity can be created using SQL statements identified with Plaintext_passowrd and no_password. Good password management guidelines require that a password never be stored in plaintext. Password submission in cleartext format OR using no password authentication is always considered as insecure.
This feature hardens the user configuration and allows admin to disable insecure auth_type (plaintext_password and no_password).

<allow_plaintext_and_no_password>0</allow_plaintext_and_no_password>
If this property is unset in clickhouse server configuration, ALTER/CREATE users are not allowed without AUTH_TYPE and IDENTIFIED WITH NO_PASSWORD/PLAINTEXT_PASSWORD.

CREATE USER u1_01292 NOT IDENTIFIED -- { serverError 43 } 

CREATE USER u2_01292 IDENTIFIED WITH plaintext_password BY 'qwe123' -- { serverError 43 } 

CREATE USER u1_01292  { serverError 43 } 

CREATE USER u_02207 IDENTIFIED WITH double_sha1_hash BY '8DCDD69CE7D121DE8013062AEAEB2A148910D50E' -- {Allowed}

Additionally , Users existed in system.users with no-password and plaintext_password AuthType won't be able to login if this property is unset i.e plaintext and no_password are not allowed.

Issue #33953

@robot-clickhouse robot-clickhouse added doc-alert pr-feature Pull request with new product feature labels Feb 18, 2022
@HeenaBansal2009 HeenaBansal2009 changed the title Issue 33953 New setting in Server Configuration to on/off AuthType Plaintext_password Feb 19, 2022
@qoega qoega added the can be tested Allows running workflows for external contributors label Feb 19, 2022
@vitlibar vitlibar self-assigned this Feb 21, 2022
@HeenaBansal2009 HeenaBansal2009 changed the title New setting in Server Configuration to on/off AuthType Plaintext_password [WIP] New setting in Server Configuration to on/off AuthType Plaintext_password and No_password Feb 24, 2022
@HeenaBansal2009 HeenaBansal2009 changed the title [WIP] New setting in Server Configuration to on/off AuthType Plaintext_password and No_password New setting in Server Configuration to on/off AuthType Plaintext_password and No_password Feb 25, 2022
@HeenaBansal2009
Copy link
Contributor Author

@vitlibar,I see that 6 checks are failing which doesn't seems to be related to my changes.
I've finished with initial implementation, waiting for review/comments and suggestions from you.

vitlibar
vitlibar reviewed Mar 8, 2022
View reviewed changes
programs/local/LocalServer.cpp Outdated Show resolved Hide resolved
src/Access/UsersConfigAccessStorage.cpp Outdated Show resolved Hide resolved
src/Access/AccessControl.h Outdated Show resolved Hide resolved
src/Access/UsersConfigAccessStorage.cpp Outdated Show resolved Hide resolved
src/Interpreters/Access/InterpreterCreateUserQuery.cpp Outdated Show resolved Hide resolved
src/Interpreters/Access/InterpreterCreateUserQuery.cpp Outdated Show resolved Hide resolved
src/Interpreters/Access/InterpreterCreateUserQuery.cpp Outdated Show resolved Hide resolved
programs/server/Server.cpp Outdated Show resolved Hide resolved
src/Interpreters/Session.cpp Outdated Show resolved Hide resolved
src/Interpreters/Session.cpp Outdated Show resolved Hide resolved
@HeenaBansal2009 HeenaBansal2009 force-pushed the Issue-33953 branch 2 times, most recently from 2d9156e to 318b7da Compare March 10, 2022 02:10
@HeenaBansal2009 HeenaBansal2009 force-pushed the Issue-33953 branch 3 times, most recently from 8c67c9b to d0c0ece Compare March 11, 2022 04:44
@vitlibar vitlibar merged commit 4af61fb into ClickHouse:master Mar 14, 2022
@HeenaBansal2009
Copy link
Contributor Author

HeenaBansal2009 commented Mar 14, 2022
edited
Loading

@vitlibar , Thanks for merging the PR.
Do you see any documentation update for this feature. However , I have updated the config.xml with configuration <allow_no_password> and <allow_plaintext_password>

yokofly added a commit to timeplus-io/proton that referenced this pull request Sep 11, 2023
@yokofly
porting ClickHouse/ClickHouse#34738
5870fdd 
New setting in Server Configuration to on/off AuthType Plaintext_password and No_password
@realyota realyota mentioned this pull request Feb 7, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vitlibar vitlibar Awaiting requested review from vitlibar

Assignees

@vitlibar vitlibar

Labels
can be tested Allows running workflows for external contributors pr-feature Pull request with new product feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@HeenaBansal2009 @vitlibar @qoega @robot-clickhouse