# phpMyAdmin

# Technical overview

Password is first sourced from ~/.my.cnf via mysql:get-option('password','client'). In absence of this value, the account password is tested IFF the user has signed in through the UI authentication gate and [auth] => retain_ui_password is true. If either condition is false, SSO does not proceed prompting a user to enter their password.

Authentication is akin to connecting locally to MySQL using the sign-on username and supplied password, mysql -u USERNAME -p PASSWORD. This platform makes a distinction between localhost and 127.0.0.1; moreover, ident-based authentication (SO_PEERCRED) is not used in MySQL authentication.

If prompted: the form-submitted password is applied to the above MySQL authentication routine. Upon successful authentication, the password is updated in ~/.my.cnf under [client] via mysql:set-option('password','client').

If authenticated: a login session is simulated with the client. A session succeeds if pmaUser-1, pmaPass-1, phpMyAdmin, pma_mcrypt_iv-1, and pma_pmaAuth-1 are present in the login in addition to a redirection to a location that contains a query string parameter "token". These are passed to PHPMYADMIN_LOCATION/dummyset.php?<param>=<val> to apply the cookies from a trusted origin.

PHPMYADMIN_LOCATION is determined by the fully-qualified node (uname -n). This node must have a trusted SSL certificate to proceed (see SSL.md).

# Troubleshooting

# phpMyAdmin does not load

On a fresh install, a user reported problems accessing /phpMyAdmin within the panel. Further, the server hostname, server.mydomain.com, shared its second-level domain with an account on the server, domain.com. Both server.mydomain.com and domain.com resolved to the same IP address, 129.19.16.12 and any subdomain created under domain.com worked as expected.

# Cause

Multiple hostnames were specified for the public IP address in /etc/hosts.

[server /]$ cat /etc/hosts
127.0.0.1    localhost
129.19.16.12    vps12345.vps.ovh.ca    vps12345
129.19.16.12 server.mydomain.com

# Solution

Remove the default, erroneous hostname configured for the system. In this case it's 129.19.16.12 vps12345.vps.ovh.ca vps12345