# Technical overview
Password is first sourced from ~/.my.cnf via
mysql:get-option('password','client'). In absence of this value, the account password is tested IFF the user has signed in through the UI authentication gate and [auth] => retain_ui_password is true. If either condition is false, SSO does not proceed prompting a user to enter their password.
Authentication is akin to connecting locally to MySQL using the sign-on username and supplied password,
mysql -u USERNAME -p PASSWORD. This platform makes a distinction between localhost and 127.0.0.1; moreover, ident-based authentication (SO_PEERCRED) is not used in MySQL authentication.
If prompted: the form-submitted password is applied to the above MySQL authentication routine. Upon successful authentication, the password is updated in ~/.my.cnf under [client] via
If authenticated: a login session is simulated with the client. A session succeeds if pmaUser-1, pmaPass-1, phpMyAdmin, pma_mcrypt_iv-1, and pma_pmaAuth-1 are present in the login in addition to a redirection to a location that contains a query string parameter "token". These are passed to PHPMYADMIN_LOCATION/dummyset.php?<param>=<val> to apply the cookies from a trusted origin.
PHPMYADMIN_LOCATION is determined by the fully-qualified node (
uname -n). This node must have a trusted SSL certificate to proceed (see SSL.md).
# phpMyAdmin does not load
On a fresh install, a user reported problems accessing /phpMyAdmin within the panel. Further, the server hostname,
server.mydomain.com, shared its second-level domain with an account on the server,
domain.com resolved to the same IP address, 18.104.22.168 and any subdomain created under
domain.com worked as expected.
Multiple hostnames were specified for the public IP address in /etc/hosts.
[server /]$ cat /etc/hosts 127.0.0.1 localhost 22.214.171.124 vps12345.vps.ovh.ca vps12345 126.96.36.199 server.mydomain.com
Remove the default, erroneous hostname configured for the system. In this case it's
188.8.131.52 vps12345.vps.ovh.ca vps12345