When using a "user_accounts_file" with database privileges given to users, those databases are not added to the list of known databases. This means that if MaxScale does not know about the database (always the case when using "file_only_always"-mode) and user attempts to login directly to it, MaxScale will reject the user. Change this so that any manual db-level grants cause the database name to be known to MaxScale.
It happens that MaxScale can be deployed on the non-trusted location. It means providing access to mysql.user is unsafe from there. Instead, only one specific MySQL account should be used from there and I'd like to pre-define it and prevent gathering other users from MySQL cluster. How it can be done?