Re: SQLException: Access denied for user 'xxxx_user'@'' (using password: YES) to database 'xxxx_dbName'
Posted by: Filipe Silva
Date: June 09, 2022 09:32AM

The IP identifies the origin of the connection. As you know, you can create users with host restriction so that only connections from those locations are accepted in the database. In that sense, the IP is as if it were part of the user name, and MySQL always reports back this information because it would be needed to identify wrong configurations and such.

Assuming Connector/J is running on some middle layer software, this information is crucial to know what is being attempted during the authentication and helps mitigating connectivity issues. I don't think there's an issue with this. After all, the IP you see there is the one from the originating system which already knows who it is.

You got a point, though. Leaking this information up to client UI could expose a little bit too much information, but, I would say this is a matter of sanitizing error messages property. Don't you agree?

Options: ReplyQuote

Written By
Re: SQLException: Access denied for user 'xxxx_user'@'' (using password: YES) to database 'xxxx_dbName'
June 09, 2022 09:32AM

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.