Honestly, I dislike the approach. I don't want to tell my mysql <hello, please allow the user foo to authenticate itself with the password bar> and my webapp <hello webapp, please use the user foo and the password bar for the mysql over there>.
I want to tell the system <look, I have a user foo, and the webapp over there needs access to the mysql over here with that user. Make it so.>
I don't need to know the password my application uses to access the database. I don't WANT that password. No human should ever see this password. And heck, if the system wants to, just swithc passwords every 60 minutes. I don't want to care.
I want to tell the system <look, I have a user foo, and the webapp over there needs access to the mysql over here with that user. Make it so.>
I don't need to know the password my application uses to access the database. I don't WANT that password. No human should ever see this password. And heck, if the system wants to, just swithc passwords every 60 minutes. I don't want to care.