thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-09-19 16:20:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

add notes about no_password behavior

Browse Source
This commit is contained in:
Arthur Passos 2024-07-25 09:07:13 -03:00
parent 0204de640f
commit f3f9d5f4de
2 changed files with 18 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
docs/en/sql-reference/statements/alter/user.md
View File

@ -63,19 +63,28 @@ Allows the user with `john` account to grant his privileges to the user with `ja
ALTER USER john GRANTEES jack;
```
Adds new authentication methods to the user while keeping the existing ones
Adds new authentication methods to the user while keeping the existing ones:
``` sql
ALTER USER user ADD IDENTIFIED WITH plaintext_password by '1', bcrypt_password by '2', plaintext_password by '3'
ALTER USER user1 ADD IDENTIFIED WITH plaintext_password by '1', bcrypt_password by '2', plaintext_password by '3'
```
Reset authentication methods and adds the ones specified in the query (effect of leading IDENTIFIED without the ADD keyword)
Note: `no_password` can not co-exist with other authentication methods for security reasons.
Because of that, it is not possible to `ADD` a `no_password` authentication method. The below query will throw an error:
``` sql
ALTER USER user IDENTIFIED WITH plaintext_password by '1', bcrypt_password by '2', plaintext_password by '3'
ALTER USER user1 ADD IDENTIFIED WITH no_password
```
Reset authentication methods and keep the most recent added one
If you want to drop authentication methods for a user and rely on `no_password`, you must specify in the below replacing form.
Reset authentication methods and adds the ones specified in the query (effect of leading IDENTIFIED without the ADD keyword):
``` sql
ALTER USER user RESET AUTHENTICATION METHODS TO NEW
ALTER USER user1 IDENTIFIED WITH plaintext_password by '1', bcrypt_password by '2', plaintext_password by '3'
```
Reset authentication methods and keep the most recent added one:
``` sql
ALTER USER user1 RESET AUTHENTICATION METHODS TO NEW
```

3
docs/en/sql-reference/statements/create/user.md
View File

@ -150,6 +150,9 @@ In ClickHouse Cloud, by default, passwords must meet the following complexity re
CREATE USER user1 IDENTIFIED WITH plaintext_password by '1', bcrypt_password by '2', plaintext_password by '3''
```
Note: `no_password` can not co-exist with other authentication methods for security reasons. Therefore, you can only specify
`no_password` if it is the only authentication method in the query.
## User Host
User host is a host from which a connection to ClickHouse server could be established. The host can be specified in the `HOST` query section in the following ways: