MariaDB Connector/J 2.5.0 Release Notes
The most recent Stable (GA) release of MariaDB Connector/J is:MariaDB Connector/J 3.5.3
DownloadRelease NotesChangelogConnector/J Overview
Release date: 3 Oct 2019
MariaDB Connector/J 2.5.0 is a Release Candidate (RC) release.
NOTE: MariaDB Connector/J 2.5.0 is fully compatible with the latest release of version 2.4. Further maintenance releases will not be provided for version 2.4.
For an overview of MariaDB Connector/J see theAbout MariaDB Connector/J page
Evolutions
Authentication service
Client authentication plugins are now defined as services. This permits to easily add new client authentication plugins.
The driver has 2 new plugins caching_sha2_password
and sha256_password plugin
for MySQL compatibility
List of authentication plugins in java connector :
mysql_clear_password
auth_gssapi_client
client_ed25519
mysql_native_password
mysql_old_password
dialog (PAM)
sha256_password
caching_sha2_password
New authentication plugins can be created implementing interface org.mariadb.jdbc.authentication.AuthenticationPlugin, and listing new plugin in a META-INF/services/org.mariadb.jdbc.authentication.AuthenticationPlugin file.
Credential service
Credentials are usually set using user/password in the connection string or by using DriverManager.getConnection(String url, String user, String password).
Credential plugins permit to provide credential information from other means. Those plugins have to be activated setting option credentialType
to designated plugin.
The driver has 3 default plugins :
AWS IAM
This permits AWS database IAM authentication. The plugin generate a token using IAM credential and region. Token is valid for 15 minutes and cached for 10 minutes.
To use this credential authentication, com.amazonaws:aws-java-sdk-rds dependency must be registred in classpath. Implementation use SDK DefaultAWSCredentialsProviderChain and DefaultAwsRegionProviderChain to get IAM credential and region. see DefaultAWSCredentialsProviderChain and DefaultAwsRegionProviderChain to check how those information can be retrieved (environment variable / system properties, files, ...)
Example: jdbc:mariadb://host/db?credentialType=AWS-IAM&useSsl&serverSslCert=/somepath/rds-combined-ca-bundle.pem
with AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_REGION environment variable set.
Environment
User and Password are retrieved from environment variables. default environment variables are MARIADB_USER and MARIADB_PWD, but can be changed by setting additional option userKey
and pwdKey
Example : using connection string jdbc:mariadb://host/db?credentialType=ENV
user and password will be retrieved from environment variable MARIADB_USER and MARIADB_PWD.
Property
User and Password are retrieved from java properties. default property name are mariadb.user and mariadb.pwd, but property names can be changed by setting additional option userKey
and pwdKey
Example : using connection string jdbc:mariadb://host/db?credentialType=PROPERTY&userKey=mariadbUser&pwdKey=mariadbPwd
user and password will be retrieved from java properties mariadbUser
and mariadbPwd
SSL factory service
A connection to a server initially creates a socket. When set, SSL socket is layered over this existing socket. Implementing org.mariadb.jdbc.tls.TlsSocketPlugin permit to provide custom SSL implementation for example create a new HostnameVerifier implementation.
Custom implementation need to implement org.mariadb.jdbc.tls.TlsSocketPlugin and register service META-INF/services/org.mariadb.jdbc.tls.TlsSocketPlugin
Custom implementation are activated using option tlsSocketType
Other
CONJ-561 : JDBC 4.3 partial implementation java.sql.Statement methods isSimpleIdentifier, enquoteIdentifier, enquoteLiteral and enquoteNCharLiteral
CONJ-692 : ConnectionPoolDataSource interface addition to MariaDbPoolDataSource
CONJ-563 : closing possible option batch thread on driver deregistration.
Bug fixes
CONJ-732 : Driver getPropertyInfo returns no options information when url is empty
CONJ-734 : DatabaseMetaData.getSchemaTerm now return "schema", not empty string
New options
credentialType
Indicate the credential plugin type to use. Plugin must be present in classpath
tlsSocketType
Indicate TLS socket type implementation
serverRsaPublicKeyFile
Indicate path to MySQL server public RSA key file
allowPublicKeyRetrieval
Authorize client to ask MySQL server public RSA key file if not set using serverRsaPublicKeyFileDefault: false
Changelog
For a complete list of changes made in MariaDB Connector/J 2.5.0, with links to detailed information on each push, see the changelog.
This page is: Copyright © 2025 MariaDB. All rights reserved.
Last updated
Was this helpful?