From 0e156c04b4b7ce0563bef6c97af4476fcda8f160 Mon Sep 17 00:00:00 2001
From: xiongxiaoyang <1179705413@qq.com>
Date: Thu, 27 Mar 2025 22:24:56 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E9=83=A8=E5=88=86?=
 =?UTF-8?q?=E7=8E=AF=E5=A2=83=20Public=20Key=20Retrieval=20is=20not=20allo?=
 =?UTF-8?q?wed=20=E9=94=99=E8=AF=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

MySQL 8.0+ 默认使用 caching_sha2_password 认证插件，这种认证方式有两种工作模式：
- 如果使用SSL连接，直接通过安全通道传输密码
- 如果不使用SSL连接，客户端需要从服务器获取RSA公钥来加密密码
当设置 useSSL=false 但未明确允许公钥检索时，JDBC驱动出于安全考虑会阻止这种操作（报错：Public Key Retrieval is not allowed）。
生产环境中，应优先考虑：
1. 启用 SSL/TLS 加密连接
2. 如需禁用 SSL，改用 mysql_native_password 认证
3. 仅在受控环境（如开发环境）中使用 allowPublicKeyRetrieval=true
---
 config/shardingsphere-jdbc.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config/shardingsphere-jdbc.yml b/config/shardingsphere-jdbc.yml
index d7cd327..057cc7e 100644
--- a/config/shardingsphere-jdbc.yml
+++ b/config/shardingsphere-jdbc.yml
@@ -11,13 +11,13 @@ dataSources:
   ds_1:
     dataSourceClassName: com.zaxxer.hikari.HikariDataSource
     driverClassName: com.mysql.cj.jdbc.Driver
-    jdbcUrl: jdbc:mysql://localhost:3306/novel_plus?useUnicode=true&characterEncoding=utf-8&useSSL=false&serverTimezone=Asia/Shanghai
+    jdbcUrl: jdbc:mysql://localhost:3306/novel_plus?allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=utf-8&useSSL=false&serverTimezone=Asia/Shanghai
     username: root
     password: test123456
   ds_2:
     dataSourceClassName: com.zaxxer.hikari.HikariDataSource
     driverClassName: com.mysql.cj.jdbc.Driver
-    url: jdbc:mysql://localhost:3306/information_schema?useUnicode=true&characterEncoding=utf-8&useSSL=false&serverTimezone=Asia/Shanghai
+    url: jdbc:mysql://localhost:3306/information_schema?allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=utf-8&useSSL=false&serverTimezone=Asia/Shanghai
     username: root
     password: test123456
 # 规则配置