MariaDB Connector/J 2.5.0 Release Notes
The most recent Stable (GA) release of MariaDB Connector/J is:
MariaDB Connector/J 3.5.1
Download Release Notes Changelog Connector/J Overview
Release date: 3 Oct 2019
MariaDB Connector/J 2.5.0 is a Release Candidate (RC) release.
NOTE: MariaDB Connector/J 2.5.0 is fully compatible with the latest release of version 2.4. Further maintenance releases will not be provided for version 2.4.
For an overview of MariaDB Connector/J see the About MariaDB Connector/J page
Evolutions
Authentication service
Client authentication plugins are now defined as services. This permits to easily add new client authentication plugins. The driver has 2 new plugins `caching_sha2_password` and `sha256_password plugin` for MySQL compatibility
List of authentication plugins in java connector :
- mysql_clear_password
- auth_gssapi_client
- client_ed25519
- mysql_native_password
- mysql_old_password
- dialog (PAM)
- sha256_password
- caching_sha2_password
New authentication plugins can be created implementing interface org.mariadb.jdbc.authentication.AuthenticationPlugin, and listing new plugin in a META-INF/services/org.mariadb.jdbc.authentication.AuthenticationPlugin file.
Credential service
Credentials are usually set using user/password in the connection string or by using DriverManager.getConnection(String url, String user, String password).
Credential plugins permit to provide credential information from other means. Those plugins have to be activated setting option `credentialType` to designated plugin.
The driver has 3 default plugins :
AWS IAM
This permits AWS database IAM authentication. The plugin generate a token using IAM credential and region. Token is valid for 15 minutes and cached for 10 minutes.
To use this credential authentication, com.amazonaws:aws-java-sdk-rds dependency must be registred in classpath. Implementation use SDK DefaultAWSCredentialsProviderChain and DefaultAwsRegionProviderChain to get IAM credential and region. see DefaultAWSCredentialsProviderChain and DefaultAwsRegionProviderChain to check how those information can be retrieved (environment variable / system properties, files, ...)
Example: jdbc:mariadb://host/db?credentialType=AWS-IAM&useSsl&serverSslCert=/somepath/rds-combined-ca-bundle.pem
with AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_REGION environment variable set.
Environment
User and Password are retrieved from environment variables. default environment variables are MARIADB_USER and MARIADB_PWD, but can be changed by setting additional option `userKey` and `pwdKey`
Example : using connection string jdbc:mariadb://host/db?credentialType=ENV
user and password will be retrieved from environment variable MARIADB_USER and MARIADB_PWD.
Property
User and Password are retrieved from java properties. default property name are mariadb.user and mariadb.pwd, but property names can be changed by setting additional option `userKey` and `pwdKey`
Example : using connection string jdbc:mariadb://host/db?credentialType=PROPERTY&userKey=mariadbUser&pwdKey=mariadbPwd
user and password will be retrieved from java properties `mariadbUser` and `mariadbPwd`
SSL factory service
A connection to a server initially creates a socket. When set, SSL socket is layered over this existing socket. Implementing org.mariadb.jdbc.tls.TlsSocketPlugin permit to provide custom SSL implementation for example create a new HostnameVerifier implementation.
Custom implementation need to implement org.mariadb.jdbc.tls.TlsSocketPlugin and register service META-INF/services/org.mariadb.jdbc.tls.TlsSocketPlugin
Custom implementation are activated using option `tlsSocketType`
Other
- CONJ-561 : JDBC 4.3 partial implementation java.sql.Statement methods isSimpleIdentifier, enquoteIdentifier, enquoteLiteral and enquoteNCharLiteral
- CONJ-692 : ConnectionPoolDataSource interface addition to MariaDbPoolDataSource
- CONJ-563 : closing possible option batch thread on driver deregistration.
Bug fixes
- CONJ-732 : Driver getPropertyInfo returns no options information when url is empty
- CONJ-734 : DatabaseMetaData.getSchemaTerm now return "schema", not empty string
New options
credentialType | Indicate the credential plugin type to use. Plugin must be present in classpath |
---|---|
tlsSocketType | Indicate TLS socket type implementation |
serverRsaPublicKeyFile | Indicate path to MySQL server public RSA key file |
allowPublicKeyRetrieval | Authorize client to ask MySQL server public RSA key file if not set using serverRsaPublicKeyFile Default: false |
Changelog
For a complete list of changes made in MariaDB Connector/J 2.5.0, with links to detailed information on each push, see the changelog.
Be notified of new MariaDB Server releases automatically by subscribing to the MariaDB Foundation community announce 'at' lists.mariadb.org announcement list (this is a low traffic, announce-only list). MariaDB plc customers will be notified for all new releases, security issues and critical bug fixes for all MariaDB plc products thanks to the Notification Services.
MariaDB may already be included in your favorite OS distribution. More
information can be found on the
Distributions which Include MariaDB
page.