Uploaded image for project: 'C++ Driver'
  1. C++ Driver
  2. CXX-401

SCRAM-SHA-1 should be used in when max wire version is greater than or equal to 3

      Under wire version 3, the current wire version, servers have two operation modes. If it's a partly upgraded server, with users created with MONGODB-CR, it will operate in a compatibility mode which, with some overhead, will allow users to connect using SCRAM to those accounts. If the server has been completely upgraded, and all users have been migrated to native SCRAM, or the server has been freshly brought up on 2.8, then it will only accept incoming authentication requests using SCRAM. MONGODB-CR requests will be denied.

      Currently, we only use SCRAM when the max wire version of the server is greater than 3. This means we will currently always use MONGODB-CR when connecting to a 2.8 server. If the user has not manually specified an authentication mechanism, as in the auth method which accepts the username and password as strings, we should default to using SCRAM for wire version >= 3, and allow the server to sort out how to handle it.

            Assignee:
            spencer.jackson@mongodb.com Spencer Jackson
            Reporter:
            spencer.jackson@mongodb.com Spencer Jackson
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: