diff --git a/server/core/config.c b/server/core/config.c
index 58f5d92b3..d827c4502 100644
--- a/server/core/config.c
+++ b/server/core/config.c
@@ -309,6 +309,7 @@ int			error_count = 0;
 				char *enable_root_user;
 				char *connection_timeout;
 				char *auth_all_servers;
+				char *optimize_wildcard;
 				char *strip_db_esc;
 				char *weightby;
 				char *version_string;
@@ -330,9 +331,14 @@ int			error_count = 0;
 						obj->parameters,
 						"connection_timeout");
 
-				auth_all_servers = 
+				optimize_wildcard =
 					config_get_value(
 						obj->parameters, 
+						"optimize_wildcard");
+
+				auth_all_servers =
+					config_get_value(
+						obj->parameters,
 						"auth_all_servers");
 
 				strip_db_esc = 
@@ -407,6 +413,10 @@ int			error_count = 0;
 					serviceAuthAllServers(obj->element, 
 						config_truth_value(auth_all_servers));
 
+				if(optimize_wildcard)
+					serviceOptimizeWildcard(obj->element,
+						config_truth_value(optimize_wildcard));
+
 				if(strip_db_esc)
 					serviceStripDbEsc(obj->element, 
 						config_truth_value(strip_db_esc));
@@ -1426,6 +1436,7 @@ SERVER			*server;
 					char *connection_timeout;
 
 					char* auth_all_servers;
+					char* optimize_wildcard;
 					char* strip_db_esc;
 					char* max_slave_conn_str;
 					char* max_slave_rlag_str;
@@ -1441,6 +1452,7 @@ SERVER			*server;
 								"passwd");
                     
 					auth_all_servers = config_get_value(obj->parameters, "auth_all_servers");
+					optimize_wildcard = config_get_value(obj->parameters, "optimize_wildcard");
 					strip_db_esc = config_get_value(obj->parameters, "strip_db_esc");
 					version_string = config_get_value(obj->parameters, "version_string");
 					allow_localhost_match_wildcard_host = config_get_value(obj->parameters, "localhost_match_wildcard_host");
@@ -1464,9 +1476,11 @@ SERVER			*server;
 
 
                                                 if(auth_all_servers)
-                                                    serviceAuthAllServers(service, atoi(auth_all_servers));
+                                                    serviceAuthAllServers(service, config_truth_value(auth_all_servers));
+						if(optimize_wildcard)
+                                                    serviceOptimizeWildcard(service, config_truth_value(optimize_wildcard));
 						if(strip_db_esc)
-                                                    serviceStripDbEsc(service, atoi(strip_db_esc));
+                                                    serviceStripDbEsc(service, config_truth_value(strip_db_esc));
 
 						if (allow_localhost_match_wildcard_host)
 							serviceEnableLocalhostMatchWildcardHost(
@@ -1575,6 +1589,7 @@ SERVER			*server;
 					char *connection_timeout;
 					char *allow_localhost_match_wildcard_host;
 					char *auth_all_servers;
+					char *optimize_wildcard;
 					char *strip_db_esc;
 
 					enable_root_user = 
@@ -1587,6 +1602,9 @@ SERVER			*server;
 					auth_all_servers = 
                                                 config_get_value(obj->parameters, 
                                                                  "auth_all_servers");
+					optimize_wildcard =
+                                                config_get_value(obj->parameters,
+                                                                 "optimize_wildcard");
 					strip_db_esc = 
                                                 config_get_value(obj->parameters, 
                                                                  "strip_db_esc");
@@ -1837,6 +1855,7 @@ static char *service_params[] =
                 "enable_root_user",
                 "connection_timeout",
                 "auth_all_servers",
+		"optimize_wildcard",
                 "strip_db_esc",
                 "localhost_match_wildcard_host",
                 "max_slave_connections",
diff --git a/server/core/dbusers.c b/server/core/dbusers.c
index 7d3e26880..2a9e982da 100644
--- a/server/core/dbusers.c
+++ b/server/core/dbusers.c
@@ -970,7 +970,7 @@ getAllUsers(SERVICE *service, USERS *users)
 			}
 		    }
 
-		    if(havedb && wildcard_db_grant(dbnm))
+		    if(service->optimize_wildcard && havedb && wildcard_db_grant(dbnm))
 		    {
 			rc = add_wildcard_users(users, row[0], row[1], password, row[4], dbnm, service->resources);
 			skygw_log_write(LOGFILE_DEBUG|LOGFILE_TRACE,"%s: Converted '%s' to %d individual database grants.",service->name,dbnm,rc);
@@ -1454,7 +1454,7 @@ getUsers(SERVICE *service, USERS *users)
 		if (db_grants) {
 			/* we have dbgrants, store them */
 
-		    if(wildcard_db_grant(row[5]))
+		    if(service->optimize_wildcard && wildcard_db_grant(row[5]))
 		    {
 			rc = add_wildcard_users(users, row[0], row[1], password, row[4], row[5], service->resources);
 			skygw_log_write(LOGFILE_DEBUG|LOGFILE_TRACE,"%s: Converted '%s' to %d individual database grants.",service->name,row[5],rc);
diff --git a/server/core/service.c b/server/core/service.c
index ad1a266b6..4584ded24 100644
--- a/server/core/service.c
+++ b/server/core/service.c
@@ -823,7 +823,7 @@ serviceEnableRootUser(SERVICE *service, int action)
  * Enable/Disable loading the user data from only one server or all of them
  *
  * @param service	The service we are setting the data for
- * @param action	1 for root enable, 0 for disable access
+ * @param action	1 for all servers, 0 for single server
  * @return		0 on failure
  */
 
@@ -838,6 +838,28 @@ serviceAuthAllServers(SERVICE *service, int action)
 	return 1;
 }
 
+/**
+ * Enable/Disable optimization of wildcard database grats
+ *
+ * @param service	The service we are setting the data for
+ * @param action	1 for optimized, 0 for normal grants
+ * @return		0 on failure
+ */
+
+int
+serviceOptimizeWildcard(SERVICE *service, int action)
+{
+	if (action != 0 && action != 1)
+		return 0;
+
+	service->optimize_wildcard = action;
+	if(action)
+	{
+	    LOGIF(LM,(skygw_log_write(LOGFILE_MESSAGE,"[%s] Optimizing wildcard database grants.",service->name)));
+	}
+	return 1;
+}
+
 /**
  * Whether to strip escape characters from the name of the database the client
  * is connecting to.
diff --git a/server/include/service.h b/server/include/service.h
index c95a73095..f26c99806 100644
--- a/server/include/service.h
+++ b/server/include/service.h
@@ -141,6 +141,7 @@ typedef struct service {
         bool            strip_db_esc;      /*< Remove the '\' characters from database names
                                             * when querying them from the server. MySQL Workbench seems
                                             * to escape at least the underscore character. */
+        bool optimize_wildcard;             /*< Convert wildcard grants to individual database grants */
 	SPINLOCK
 			users_table_spin;	/**< The spinlock for users data refresh */
 	SERVICE_REFRESH_RATE
@@ -184,6 +185,7 @@ extern	char	*serviceGetWeightingParameter(SERVICE *);
 extern	int	serviceEnableLocalhostMatchWildcardHost(SERVICE *, int);
 int serviceStripDbEsc(SERVICE* service, int action);
 int serviceAuthAllServers(SERVICE *service, int action);
+int serviceOptimizeWildcard(SERVICE *service, int action);
 extern	void	service_update(SERVICE *, char *, char *, char *);
 extern	int	service_refresh_users(SERVICE *);
 extern	void	printService(SERVICE *);
diff --git a/server/modules/protocol/mysql_common.c b/server/modules/protocol/mysql_common.c
index 2365ebbec..ebc470d90 100644
--- a/server/modules/protocol/mysql_common.c
+++ b/server/modules/protocol/mysql_common.c
@@ -1524,7 +1524,19 @@ int gw_find_mysql_user_password_sha1(char *username, uint8_t *gateway_password,
 					dcb->remote)));
 
 			user_password = mysql_users_fetch(service->users, &key);
-     
+
+			if (user_password)
+			{
+			    break;
+			}
+
+			/** See if ANYDB == Y */
+			if(key.resource)
+			{
+			    key.resource = NULL;
+			    continue;
+			}
+
 			if (!user_password) {
 				/*
 				 * user@% not found.