The read_auth()
function is triggered when
an authentication handshake is initiated by the client. In the
execution sequence, read_auth()
occurs
immediately after read_handshake()
, so the
server selection has already been made, but the connection and
authorization information has not yet been provided to the
backend server.
You can obtain the authentication information by examining the
proxy.connection.client
structure. For more
information, see
Section 6.4.2, “Internal Structures”.
For example, you can print the user name and password supplied during authorization using:
function read_auth() print(" username : " .. proxy.connection.client.username) print(" password : " .. string.format("%q", proxy.connection.client.scrambled_password)) end
You can interrupt the authentication process within this
function and return an error packet back to the client by
constructing a new packet and returning
proxy.PROXY_SEND_RESULT
:
proxy.response.type = proxy.MYSQLD_PACKET_ERR proxy.response.errmsg = "Logins are not allowed" return proxy.PROXY_SEND_RESULT