I just installed phpmyadmin, for multiple users.
is it normal that i get directly into the phpmyadmin screen without entering a password ?


Welkom op phpMyAdmin 2.2.4
MySQL 3.23.37 running on localhost as admin@localhost


is what i get.
I don't see any databases on the left site, but still.
I've set auth_type to http, and did not enter any user or password information.

There is no dropdown menu in the left frame?

-Dan

Nu there was one database "test" but i deleted it.
The databases i made for some test users don't show.

That's strange. Have you read the documentation on this? Here's the relevant section.
Using authentication modes:

* Http and cookie authentication modes are recommended in a multi-user environment where you want to give users access to their own database and don't want them to play around with others.

* Http and cookie authentication modes are secure: the MySQL password does not need to be set in the phpMyAdmin configuration file. (except for the "controluser" -see the Configuration section-).
In cookie mode, we send the password in a temporary cookie, so most browsers should not store the password in their cookie file.

* For 'http' and 'cookie' modes, phpMyAdmin needs a controluser that has only the SELECT privilege on the mysql.user (all columns except "Password"), mysql.db (all columns) & mysql.tables_priv (all columns except "Grantor" & "Timestamp") tables.
You must specify the details for the controluser in the config.inc.php3 file under the $cfgServers[n]['controluser'] & $cfgServers[n]['controlpass'] settings.
This example assumes you want to use pma as the controluser and pmapass as the controlpass:
GRANT USAGE ON mysql.* TO 'pma'@'localhost' IDENTIFIED BY 'pmapass';
GRANT SELECT (Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv) ON mysql.user TO 'pma'@'localhost';
GRANT SELECT ON mysql.db TO 'pma'@'localhost';
GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv) ON mysql.tables_priv TO 'pma'@'localhost';
... and if you want to use the bookmark feature:
GRANT SELECT, INSERT, DELETE ON <bookmark_db>.<bookmark_table> TO 'pma'@'localhost';

* Then each of the true users should be granted of a set of privileges on a set of perticular databases but shouldn't have any global privileges. For example, to grant the user real_user with all privileges on the database user_base:
GRANT ALL PRIVILEGES ON user_base.* TO 'real_user'@localhost IDENTIFIED BY 'real_password';
What the user may now do is controlled entirely by the MySQL user management system.
With http or cookie auth mode, you don't need to fill the user/password fields inside the $cfgServers array.
-Dan

If it's not prompting you for a password, then you setup basic authentication. The user id that you put into the config. prob. does not have the authority to use any of the databases.

Frank

To be honest, the readme file confused me, i first created a control user, but the next paragraph in the readme file said it was'nt neccesary so i removed it

First it says:

For 'http' and 'cookie' modes, phpMyAdmin needs a stduser that has only the SELECT privilege on the mysql.user (all columns except "Password"), mysql.db (all columns) & mysql.tables_priv (all columns except "Grantor" & "Timestamp") tables.
You must specify the details for the stduser in the config.inc.php3 file under the $cfgServers[n]['stduser'] & $cfgServers[n]['stdpass'] settings

then it says:


With http or cookie auth mode, you don't need to fill the user/password fields inside the $cfgServers array


I'm sure i'm missing something very obvious, but it is kind of complicated reading for a non-english reader.

This is my current config

$cfgServers[1]['host'] = 'localhost'; // MySQL hostname
$cfgServers[1]['port'] = ''; // MySQL port - leave blank for default port
$cfgServers[1]['socket'] = ''; // Path to the socket - leave blank for default socket
$cfgServers[1]['connect_type'] = 'tcp'; // How to connect to MySQL server ('tcp' or 'socket')
$cfgServers[1]['stduser'] = ''; // MySQL standard user settings (this user must have read-only
$cfgServers[1]['stdpass'] = ''; // access to the "mysql/user" and "mysql/db" tables)
$cfgServers[1]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)?
$cfgServers[1]['user'] = ''; // MySQL user
$cfgServers[1]['password'] = ''; // MySQL password (only needed with 'config' auth)
$cfgServers[1]['only_db'] = ''; // If set to a db-name, only this db is displayed at left frame
// It may also be an array of db-names
$cfgServers[1]['verbose'] = ''; // Verbose name for this host - leave blank to show the hostname
$cfgServers[1]['bookmarkdb'] = ''; // Bookmark db - leave blank for no bookmark support
$cfgServers[1]['bookmarktable'] = ''; // Bookmark table - leave blank for no bookmark support
$cfgServers[1]['relation'] = ''; // table to describe the relation between links (see doc)


What do i need to change/add ?

anyone ? :(

just use .htaccess

I'm just wondering if i did it right, and things are safe the way i set it up.