Java applications using Connector/J 5.1.21 and higher can connect to MySQL servers that use the pluggable authentication module (PAM) authentication scheme.
For PAM authentication to work, you must have the following:
A MySQL server that supports PAM authentication: a commercial distribution of MySQL 5.5.16 or higher. See PAM Pluggable Authentication for more information. Connector/J implements the same cleartext authentication method as in Client-Side Cleartext Pluggable Authentication.
SSL capability, as explained in Section 5.5, “Connecting Securely Using SSL”. Because the PAM authentication scheme sends the original password to the server, the connection to the server must be encrypted.
PAM authentication support is enabled by default in Connector/J 5.1.21 and up, so no extra configuration is needed.
To disable the PAM authentication feature, specify
mysql_clear_password (the method) or
(the class name) in the comma-separated list of arguments for
Section 5.1, “Driver/Datasource Class Names, URL Syntax and Configuration Properties
for details about that connection option.