diff --git a/src/servers/src/auth.rs b/src/servers/src/auth.rs
index d7a4ed990c..35b5ac533b 100644
--- a/src/servers/src/auth.rs
+++ b/src/servers/src/auth.rs
@@ -110,7 +110,7 @@ pub enum Error {
     UserPasswordMismatch { username: String },
 
     #[snafu(display(
-        "User {} is not allowed to access catalog {} and schema {}",
+        "Access denied for user '{}' to database '{}-{}'",
         username,
         catalog,
         schema
diff --git a/src/servers/src/mysql/handler.rs b/src/servers/src/mysql/handler.rs
index 4fb8e9d566..ad13053a3b 100644
--- a/src/servers/src/mysql/handler.rs
+++ b/src/servers/src/mysql/handler.rs
@@ -190,10 +190,18 @@ impl<W: AsyncWrite + Send + Sync + Unpin> AsyncMysqlShim<W> for MysqlInstanceShi
             error::DatabaseNotFoundSnafu { catalog, schema }
         );
 
+        let user_info = &self.session.user_info();
+
         if let Some(schema_validator) = &self.user_provider {
-            schema_validator
-                .authorize(catalog, schema, &self.session.user_info())
-                .await?;
+            if let Err(e) = schema_validator.authorize(catalog, schema, user_info).await {
+                return w
+                    .error(
+                        ErrorKind::ER_DBACCESS_DENIED_ERROR,
+                        e.to_string().as_bytes(),
+                    )
+                    .await
+                    .map_err(|e| e.into());
+            }
         }
 
         let context = self.session.context();