sql,server: support SCRAM authentication for SQL sessions #12793
Assignees
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Exalate commented:
cockroachdb/cockroach#74301 --- Release note (backward-incompatible change): The environment variable that controls the max amount of CPU that can be taken by password hash computations during authentication was renamed from
COCKROACH_MAX_BCRYPT_CONCURRENCYtoCOCKROACH_MAX_PW_HASH_COMPUTE_CONCURRENCY. Its semantics remain unchanged. Release note (security update): CockroachDB is now able to authenticate users via the web UI and through SQL sessions when the client provides a cleartext password and the stored credentials are encoded using the SCRAM-SHA-256 algorithm. (Note: support for a SCRAM authentication flow is a separate feature and is not the target of this release note.) In particular, for SQL client sessions it makes it possible to use the authentication methodspassword(cleartext passwords), andcert-password(TLS client cert or cleartext password) with either CRDB-BCRYPT or SCRAM-SHA-256 stored credentials. Previously, only CRDB-BCRYPT stored credentials were supported for cleartext password authentication.Jira Issue: DOC-2362
The text was updated successfully, but these errors were encountered: