When a user attempts to log in, the authentication plugin controls how MariaDB Server determines whether the connection is from a legitimate user.
When creating or altering a user account with the GRANT, CREATE USER or ALTER USER statements, you can specify the authentication plugin you want the user account to use by providing the
IDENTIFIED VIA clause. By default, when you create a user account without specifying an authentication plugin, MariaDB uses the mysql_native_password plugin.
MariaDB starting with 10.4
In MariaDB 10.4 and later, there are some notable changes, such as:
- You can specify multiple authentication plugins for each user account.
root@localhostuser created by mariadb-install-db is created with the ability to use two authentication plugins. First, it is configured to try to use the unix_socket authentication plugin. This allows the the
root@localhostuser to login without a password via the local Unix socket file defined by the socket system variable, as long as the login is attempted from a process owned by the operating system
rootuser account. Second, if authentication fails with the unix_socket authentication plugin, then it is configured to try to use the mysql_native_password authentication plugin. However, an invalid password is initially set, so in order to authenticate this way, a password must be set with SET PASSWORD.
MariaDB plug-ins & licensingGood day, What licenses are required for MariaDB plug-ins? Is there an over...