shyiko
connecting to MySQL 8.0.12 configured for strong password encryption
Get this error when connecting to a MySQL 8.0.12 server configured for strong password encryption (rather than Legacy authentication method)
com.github.shyiko.mysql.binlog.network.AuthenticationException: Client does not support authentication protocol requested by server; consider upgrading MySQL client
Note that a new level (8.0.x) of ODBC and JDBC connectors is required when connecting to such a server; I suspect that mysql-binlog-connector needs a similar change.
Hi @starquestv. Any chance you can provide docker image/vagrant box that I can use to reproduce? mysql-binlog-connector-java is already using Secure Password Authentication.
Thanks for the quick response!
Sorry – we don’t have a docker image (and I don’t even know what a vagrant box is.. guess I have some reading to do...) I installed the Community Edition of MySQL 8.0.12 (from https://dev.mysql.com/downloads/mysql/ ) on a Windows system.
If mysql-binlog-connector-java is already using Secure Password Authentication, perhaps there is something different in the way we should make the connection? Any new parameters?
logClient = new BinaryLogClient(host, Integer.parseInt(port), user, password);
We are using the latest posted jar file (.16.1) from April. Was the Secure Password Authentication support added after that?
0.16.1 is fine. AuthenticateCommand hasn't changed in 3 years. How about my.conf? (XXX whatever you deem to be security sensitive).
my.ini.txt uploaded (I had to add .txt extension)
Pretty basic - the only entries of interest (I think) are:
The default authentication plugin to be used when connecting to the server default_authentication_plugin=caching_sha2_password
Binary Logging. log-bin="SRV123-bin"
Thanks. The thing is - sha2_password authentication method is a little bit different from Secure Password Authentication. It should be relatively easy to implement but it's not supported at the moment. If you willing to give it try I can provide some guidance on how to assemble a PR.
Thanks. I'm not sure what a PR is?
But this is low priority for us, as we don't have any customers with this scenario - just something I have been setting up in our test lab to be proactive. So I expect that my directive will be to not spend much time on this, especially since you pointed me in the direction of a workaround (first I saw how to revert to mysql_native_password for the entire database by editing my.ini, and when that didn't affect the already-created user, I realized I could do an ALTER USER for just the one user in our app that uses the binlog-connector). So I have a workaround for when/if we encounter a customer with this setup (at least for the trial period - even if a customer is unwilling to loosen security on their Production system, they most likely would be willing to do it temporarily on a QA system).
PR is short for Pull Request. Alrighty, I'll keep this issue open until it's taken care of (one way or the other).
@shyiko Hi, there. I already use version 0.20.1 of mysql-binlog-connector-java. I thought you guys maybe solve this problem, but I got this error log
com.github.shyiko.mysql.binlog.network.AuthenticationException: Client does not support authentication protocol requested by server; consider upgrading MySQL client
Is my mistake or just not figure it out?
mysql version "Ver 8.0.16 for macos10.14 on x86_64 (MySQL Community Server - GPL)"
As far as I know, this issue has not been resolved yet. As mentioned, my workaround is to do an ALTER USER for just the one user in our app that uses the binlog-connector - i.e. configure the user to use legacy password authentication: ALTER USER SQDR IDENTIFIED WITH mysql_native_password BY 'mypassword';
@shyiko do you have any plan to fix it? i miss the same problem. using version:0.20.1
I just open a PR to fix this issue. but Travis seems not work correct. Can you review the PR and release a new version ASAP ? thanks. @shyiko
@shyiko would please review @dingxiaobo pr. I am also stuck, I am using debezium and it depends on this package
