Navigation

Install the JDBC Authentication Plugin

New in version 2.2.

The MongoDB Connector for BI provides a client-side MySQL authentication plugin for Java that integrates with MySQL’s Connector/J JDBC driver and implements the client side of MongoDB-supported authentication mechanisms.

This plugin supports the following mechanisms:

  • SCRAM-SHA-1
  • PLAIN

Install JDBC Authentication Plugin

  1. Include the authentication plugin module library in the CLASSPATH. The Maven coordinates are:

    <dependency>
        <groupId>org.mongodb</groupId>
        <artifactId>mongosql-auth</artifactId>
        <version>1.0.0</version>
    </dependency>
    

    See also

    To learn more about Maven, refer to its documentation site.

    You can also download the .jar archive directly from the plugin releases page.

  2. Include MySQL Connector/J in the CLASSPATH. Its Maven coordinates are:

    <dependency>
       <groupId>mysql</groupId>
       <artifactId>mysql-connector-java</artifactId>
       <version>5.1.42</version>
    </dependency>
    
  3. Add the authentication plugin in the MySQL connection string:

    jdbc:mysql://127.0.0.1:3307?useSSL=false&authenticationPlugins=org.mongodb.mongosql.auth.plugin.MongoSqlAuthenticationPlugin
    

    See also

    To learn about the authenticationPlugins query parameter, see the MySQL documentation.

    You may also specify the authentication mechanism and authentication source as a query parameter on the username.

    Parameter Default Value
    Authentication mechanism Username and Password (SCRAM-SHA-1).
    Authentication source
    • admin for Username and Password (SCRAM-SHA-1)
    • $external for LDAP (PLAIN)

    Example

    Specify an authentication mechanism:

    {username}?mechanism=PLAIN
    

    Specify an authentication source using default authentication mechanism:

    {username}?source={somedb}
    

Note

  • The SCRAM-SHA-1 mechanism hashes the passwords in the client plugin. All other data is in cleartext. If possible, use with SSL connections.
  • The LDAP (PLAIN) mechanism sends the password in cleartext. If possible, use with SSL connections.