Table of Contents
Advertisement
Session ID:
182, 158, 30, 11, 150, 79, 170, 76, 255, 92, 15, 226, 24, 17, 177, »
219, 158, 177, 187, 143}
Cipher Suite:
Compression Method: 0
***
%% Created:
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes:
0000: 02 00 00 46 03 01 3D B6 43 98 74 32 04 67 19 64
0010: 3A CA 4F B9 B2 64 D7 42 FE 15 53 BB BE 2A AA 03
0020: 84 6E 52 94 A0 5C 20 A3 E3 54 35 51 7F FC FE B2
0030: B3 44 3F B6 9E 1E 0B 96 4F AA 4C FF 5C 0F E2 18
0040: 11 B1 DB 9E B1 BB 8F 00 05 00
main, READ:
...
JSSE provides debugging (to stdout) when you set the following system property:
Djavax.net.debug=all
what is going on during the SSL handshake and certificate exchange. It will be helpful when trying to
determine what is not working when trying to get an SSL connection to happen.
20.3.5.6. Connecting Using PAM Authentication
Java applications using Connector/J 5.1.21 and higher can can connect to MySQL servers that use the
pluggable authentication module (PAM) authentication scheme.
For PAM authentication to work, you must have the following:
• A MySQL server that supports PAM authentication: a commercial distribution of MySQL 5.5.16 or
higher. See
cleartext authentication method as in
• SSL capability, as explained in
PAM authentication scheme sends the original password to the server, the connection to the server
must be encrypted.
PAM authentication support is enabled by default in Connector/J 5.1.21 and up, so no extra
configuration is needed.
To disable the PAM authentication feature, specify
com.mysql.jdbc.authentication.MysqlClearPasswordPlugin
comma-separated list of arguments for the
See
Section 20.3.5.1, "Driver/Datasource Class Names, URL Syntax and Configuration Properties for
Connector/J"
20.3.5.7. Using Master/Slave Replication with ReplicationConnection
Connector/J 3.1.7 and higher includes a variant of the driver that will automatically send queries to
a read/write master, or a failover or round-robin loadbalanced set of slaves based on the state of
Connection.getReadOnly().
An application signals that it wants a transaction to be read-only by calling
Connection.setReadOnly(true), this replication-aware connection will use one of the slave
connections, which are load-balanced per-vm using a round-robin scheme (a given connection is sticky
to a slave unless that slave is removed from service). If you have a write transaction, or if you have a
read that is time-sensitive (remember, replication in MySQL is asynchronous), set the connection to be
not read-only, by calling
calls are sent to the master MySQL server. The driver takes care of propagating the current state of
autocommit, isolation level, and catalog between all of the connections that it uses to accomplish this
load balancing functionality.
To enable this functionality, use the
your application server's connection pool or when creating an instance of a JDBC driver for your
Connector/J (JDBC) Reference
{163, 227, 84, 53, 81, 127, 252, 254, 178, 179, 68, 63, »
{ 0, 5 }
[Session-1, SSL_RSA_WITH_RC4_128_SHA]
len = 74
SSL v3.1 Handshake, length = 1712
This will tell you what keystores and truststores are being used, as well as
The PAM Authentication Plugin
Section 20.3.5.5, "Connecting Securely Using
for details about that connection option.
Connection.setReadOnly(false)
for more information. Connector/J implements the same
The Cleartext Client-Side Authentication
mysql_clear_password
disabledAuthenticationPlugins
com.mysql.jdbc.ReplicationDriver
2082
...F..=.C.t2.g.d
:.O..d.B..S..*..
.nR..\ ..T5Q....
.D?.....O.L.\...
..........
Plugin.
SSL". Because the
(the method) or
(the class name) in the
and the driver will ensure that further
class when configuring
-
connection option.
Advertisement
Chapters
Table of Contents
Troubleshooting
