Java applications using Connector/J 5.1.21 and higher can can connect to MySQL servers that use the pluggable authentication module (PAM) authentication scheme.
For PAM authentication to work, you must have the following:
A MySQL server that supports PAM authentication: a commercial distribution of MySQL 5.5.16 or higher. See The PAM Authentication Plugin for more information. Connector/J implements the same cleartext authentication method as in The Cleartext Client-Side Authentication Plugin.
SSL capability, as explained in Section 220.127.116.11, “Connecting Securely Using SSL”. Because the PAM authentication scheme sends the original password to the server, the connection to the server must be encrypted.
PAM authentication support is enabled by default in Connector/J 5.1.21 and up, so no extra configuration is needed.
To disable the PAM authentication feature, specify
mysql_clear_password (the method) or
(the class name) in the comma-separated list of arguments for
Section 18.104.22.168, “Driver/Datasource Class Names, URL Syntax and Configuration Properties
for details about that connection option.