Add authentication via XUSER to SAP-MaxDB

[Masanetz]

Please add the possibility to use XUSER-entries instead of explicit username password combination to authenticate on the database.

By now, the user and the password is distributed plain text to "MK_CONFDIR"/maxdb.cfg.

If we could use the provided maxdb authentication via XUSER mechanism, no plaintext password is needed in the config file.

Kind regards,
Knut Masanetz

[Ma7h1]

Hey Knut Masanetz,

sorry I did not see this. How the call would look like then ?
At the moment the Agent Plugin just makes calls like "dbmcli "

Cheers

[Masanetz]

Hi,

with XUSER-Auth you use -U instead of -u ,...
See https://maxdb.sap.com/doc/7_8/45/376d5aa05f6bf1e10000000a1553f6/content.htm

So only the way to store and submit the credentials changes...

Cheers

[wemsras]

Hi,

this is not so easy, because normaly root ist running all the checks, and root dont know anything about a running maxdb instance and has no XUSER-Auth information.
If you want use the syntax like dbmcli -U c sql_execute..... or dbmcli -U w db_state you must be the <sid>adm because normaly the <sid>adm has its own XUSER-Auth.
You can, of course, check for an running Instance of a maxdb and then resolve the <sid>adm und do a su or sudo <sid>adm.

We have written our own check for maxdb and the configuration from a maxdb.cfg is higly recommended. The same way work for mk_oracle and the SAP HANA Check.

Cheers