Enabling Automated Database Redirection for ACL Accounts

Scenarios

Multiple ACL accounts can be created for a GeminiDB Redis instance so that multiple applications can share one instance, helping DBA effectively reduce costs. Different ACL accounts can isolate databases (for example, DB0, DB1, and DB2) to prevent misoperations. Generally, account management supports only auth <user> <pwd> or auth <user:pwd>. If you do not enter <user> or it is inconvenient to change <pwd> to <user:pwd> in the code, you can use automated database redirection by executing auth <pwd> to isolate databases among multiple accounts.

For example:

1. An account (username user1 and password p1) has been set to access only DB 10 in service A.
2. An account (username user2 and password p2) has been set to access only DB 18 in service B.

Applications usually want fewer program changes. For example, to retain the default value of the database parameter of a client instead of setting it to 18 for application B, you can enable automated database redirection so that the account can be automatically redirected to database 18 using only a password. Even if SELECT is mistakenly executed on DB 10 for application B, application A is not affected.

Precautions

• Only one database can be specified for each ACL account for automated redirection. Otherwise, the authentication fails.
• The password of a new account cannot be the same as an existing password. Otherwise, the authentication fails.

Enabling Automated Database Redirection for ACL Accounts

Set EnableAclDbDirect to yes to enable this feature. For details, see Modifying Parameters of an Instance.

Figure 1 Parameters

How to Use a New Account to Access a Database

1. Run auth PWD.
2. When you access a database using an SDK, use PWD as the password parameter.

   When you access a database by running auth argc, ensure that argc does not contain colons. If an incorrect password contains colons, the returned value is the same as that of auth argc1 argc2.