Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-14395

Investigate changes in SERVER-56267: Prevent authentication as multiple users on API versioned connections

    XMLWordPrintable

Details

    • Task
    • Status: Resolved
    • Major - P3
    • Resolution: Fixed
    • None
    • 5.0.0-rc0
    • manual, Server
    • None

    Description

      Description

      Downstream Change Summary

      When { api:

      Unknown macro: { strict}

      } is specified, three classes of multi authentication will be rejected:

      • Re-authenticating as the same user on the same database.
      • Authenticating as new user on a previously authenticated database.
      • Authenticating as any user on a new database when previous authenticated on a different database.

      All three of these cases emit log entries at warning severity with our without { api:

      Unknown macro: { strict}

      }. These entries have log ids 5626700, 5626701, and 5626702.

      Description of Linked Ticket

      If a client connects to a database and attempts to authenticate as multiple users, by performing multiple authentication exchanges on multiple databases, we should:

      • Emit a log warning indicating that this behaviour is deprecated
      • Reject the second authentication attempt if they provided an API version and specified {apiStrict: true} for their connection. We should not enforce this limitation if testCommands are enabled, to prevent it from impacting our integration testing infrastructure.

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

      Attachments

        Issue Links

          Activity

            People

              joseph.dougherty@mongodb.com Joseph Dougherty
              backlog-server-pm Backlog - Core Eng Program Management Team
              Githook User Githook User
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                1 year, 9 weeks ago