Bug #104537 Proxy users need a successor for sha256_password
Submitted: 4 Aug 2021 15:52 Modified: 5 Aug 2021 12:51
Reporter: Holger Thiel Email Updates:
Status: Not a Bug Impact on me:
None 
Category:MySQL Server: Pluggable Authentication Severity:S4 (Feature request)
Version:8.0.26 OS:Any
Assigned to: CPU Architecture:Any

[4 Aug 2021 15:52] Holger Thiel 
Description:
https://dev.mysql.com/doc/refman/8.0/en/sha256-pluggable-authentication.html

"Because caching_sha2_password is the default authentication plugin in MySQL 8.0 and provides a superset of the capabilities of the sha256_password authentication plugin, sha256_password is deprecated."

This is not quite correct. caching_sha2_password does not support the proxy function.

So there must be a solution (mysql_native_password is not a recommended solution).

How to repeat:
Check proxy funczionality with caching_sha2_password.

Suggested fix:
A future proxy solution for SHA-256 or better.
[5 Aug 2021 12:51] MySQL Verification Team 
Hi Mr. Thiel,

Thank you for your feature request.

We opine that text in our Reference Manual is quite clear. sha256_password will be removed in some future version. It says 'version' and not 'release'. That means that removal is planned for either MySQL 9.0 or 8.1, what ever it is named in the future.

When it comes out, it will definitely have SHA256 capabilities for the proxy users.