Remove support for specifying MONGODB-AWS authentication properties explicitly

XMLWordPrintableJSON

    • Needed
    • Hide

      Summary of necessary driver changes

      •  

      Commits for syncing spec/prose tests
      (and/or refer to an existing language POC if needed)

      •  

      Context for other referenced/linked tickets

      •  
      Show
      Summary of necessary driver changes   Commits for syncing spec/prose tests (and/or refer to an existing language POC if needed)   Context for other referenced/linked tickets  
    • $i18n.getText("admin.common.words.hide")
      Key Status/Resolution FixVersion
      CDRIVER-6056 Backlog
      CXX-3314 Backlog
      CSHARP-5651 Investigating
      GODRIVER-3614 Blocked
      JAVA-5919 Blocked
      NODE-7046 Backlog
      PYTHON-5445 Blocked
      PHPLIB-1692 Blocked
      RUBY-3686 Blocked
      RUST-2248 Blocked
      $i18n.getText("admin.common.words.show")
      #scriptField, #scriptField *{ border: 1px solid black; } #scriptField{ border-collapse: collapse; } #scriptField td { text-align: center; /* Center-align text in table cells */ } #scriptField td.key { text-align: left; /* Left-align text in the Key column */ } #scriptField a { text-decoration: none; /* Remove underlines from links */ border: none; /* Remove border from links */ } /* Add green background color to cells with FixVersion */ #scriptField td.hasFixVersion { background-color: #00FF00; /* Green color code */ } #scriptField td.willNotDo { background-color: #FF0000; /* Red color code */ } /* Center-align the first row headers */ #scriptField th { text-align: center; } Key Status/Resolution FixVersion CDRIVER-6056 Backlog CXX-3314 Backlog CSHARP-5651 Investigating GODRIVER-3614 Blocked JAVA-5919 Blocked NODE-7046 Backlog PYTHON-5445 Blocked PHPLIB-1692 Blocked RUBY-3686 Blocked RUST-2248 Blocked

      Summary

      Remove support for specifying MONGODB-AWS authentication properties explicitly from both the connection string and MongoCredential constructor (or equivalent).  The end result would be an API like:

      • Connection string: mongodb+srv://<host>/?authMechanism=MONGODB-AWS
      • MongoCredential constructor: MongoCredential.createAwsCredential()

      As with any API change, the existing API would have to go through a deprecation cycle before it's removed.

      Motivation

      Who is the affected end user?

      Application developers

      How does this affect the end user?

      Application developers are confused by the existing API, where accessKeyId, secretKey, and sessionToken can by explicitly specified in the connection string or MongoCredential constructor.  It's almost never what you want to do in a production setting, since almost everyone wants to use some sort of temporary, expirable credential, and specifying it explicitly doesn't allow for that.  The end result is that authentication initially succeeds, but when the session token expires, it starts to fail, and users are confused.  Then we have to explain to them about the AWS SDK, which they often aren't even aware of despite our documentation, and the result is an unhappy customer that has wasted a lot of time.

      We've even seen cases where customers think they have to recycle their entire MongoClient every few minutes in order to use AWS authentication.

      How likely is it that this problem or use case will occur?

      Fairly likely

      If the problem does occur, what are the consequences and how severe are they?

      Loss of availability when the session token expires is the most likely consequence of mis-use of our current API.

      Is this issue urgent?

      Important but not urgent

      Is this ticket required by a downstream team?

      No

      Is this ticket only for tests?

      No

      Acceptance Criteria

      What specific requirements must be met to consider the design phase complete?

              Assignee:
              Unassigned
              Reporter:
              Jeffrey Yemin
              Daria Pardue Daria Pardue
              Alex Bevilacqua Alex Bevilacqua
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: