Authentication >
JDBC Authentication Plugin

JDBC Authentication Plugin¶

On this page

Installing the Plugin

New in version 2.2.

The MongoDB Connector for BI provides a client-side MySQL authentication plugin for Java that integrates with MySQL’s Connector/J JDBC driver. The mongosql_auth plugin allows a client to authenticate with a BI Connector and MongoDB deployment running with authentication enabled using one of the following authentication mechanisms:

SCRAM-SHA-1
SCRAM-SHA-256
PLAIN (LDAP)
GSSAPI (Kerberos)

Note

The SCRAM-SHA-1 and SCRAM-SHA-256 mechanisms hash the passwords in the client plugin; however, all other data is in cleartext. If possible, use with encrypted connections.
The PLAIN mechanism sends the password in cleartext. Use encrypted connections with the PLAIN mechanism .

Important

The plugin is not compatible with MySQL Server or Connector/J driver version 8 and later.

Installing the Plugin¶

You can either download the plugin .jar file directly from the download site or use Maven.

To download the plugin directly:

Select the .jar file from the download site.
Save it to a local directory. Refer to the directory as needed.

To use Maven:

Include the authentication plugin module library in the CLASSPATH. The Maven coordinates are:
copy
```
<dependency>
    <groupId>org.mongodb</groupId>
    <artifactId>mongosql-auth</artifactId>
    <version>1.0.0</version>
</dependency>
```
See also

To learn more about Maven, refer to its documentation site.

Include MySQL Connector/J in the CLASSPATH. Its Maven coordinates are:

copy

<dependency>
   <groupId>mysql</groupId>
   <artifactId>mysql-connector-java</artifactId>
   <version>5.1.42</version>
</dependency>

Add the authentication plugin in the MySQL connection string:
copy
```
jdbc:mysql://127.0.0.1:3307?useSSL=false&authenticationPlugins=org.mongodb.mongosql.auth.plugin.MongoSqlAuthenticationPlugin
```
See also

To learn about the authenticationPlugins query parameter, see the MySQL documentation.

You may also specify the authentication mechanism and authentication source as a query parameter on the username.
Parameter Default Value
Authentication mechanism Username and Password (SCRAM-SHA-1).
Authentication source
admin for Username and Password (SCRAM-SHA-1)

$external for LDAP (PLAIN)
Example

Specify an authentication mechanism:
copy
{username}?mechanism=PLAIN
Specify an authentication source using default authentication mechanism:
copy
{username}?source={somedb}

← C Authentication Plugin Configure Kerberos for BI Connector →

Parameter	Default Value
Authentication mechanism	Username and Password (`SCRAM-SHA-1`).
Authentication source	`admin` for Username and Password (`SCRAM-SHA-1`) `$external` for LDAP (`PLAIN`)