To compile and install a plugin library file, use the instructions inSection 4.4.3, “Compiling and Installing Plugin Libraries”. To make the library file available for use, install it in the plugin directory (the directory named by theplugin_dir system variable).
Register the server-side plugin with the server. For example, to load the plugin at server startup, use a--plugin-load=auth_simple.so option, adjusting the.so suffix for your platform as necessary.
Create a user for whom the server will use theauth_simple plugin for authentication:
mysql> CREATE USER 'x'@'localhost' -> IDENTIFIED WITH auth_simple; Use a client program to connect to the server as userx. The server-sideauth_simple plugin communicates with the client program that it should use the client-sideauth_simple plugin, and the latter sends the password to the server. The server plugin should reject connections that send an empty password and accept connections that send a nonempty password. Invoke the client program each way to verify this:
$> mysql --user=x --skip-passwordERROR 1045 (28000): Access denied for user 'x'@'localhost' (using password: NO)$> mysql --user=x --passwordEnter password: abcmysql> Because the server plugin accepts any nonempty password, it should be considered insecure. After testing the plugin to verify that it works, restart the server without the--plugin-load option so as not to indavertently leave the server running with an insecure authentication plugin loaded. Also, drop the user withDROP USER 'x'@'localhost'.
For additional information about loading and using authentication plugins, seeInstalling and Uninstalling Plugins, andPluggable Authentication.
If you are writing a client program that supports the use of authentication plugins, normally such a program causes a plugin to be loaded by callingmysql_options() to set theMYSQL_DEFAULT_AUTH andMYSQL_PLUGIN_DIR options:
char *plugin_dir = "path_to_plugin_dir";char *default_auth = "plugin_name";/* ... process command-line options ... */mysql_options(&mysql, MYSQL_PLUGIN_DIR, plugin_dir);mysql_options(&mysql, MYSQL_DEFAULT_AUTH, default_auth); Typically, the program will also accept--plugin-dir and--default-auth options that enable users to override the default values.
Should a client program require lower-level plugin management, the client library contains functions that take anst_mysql_client_plugin argument. SeeC API Client Plugin Interface.