-
Type: Improvement
-
Resolution: Unresolved
-
Priority: Minor - P4
-
None
-
Component/s: None
-
None
https://jira.mongodb.org/browse/SPEC-1270 added an auth spec test which specified auth source and no username, requiring this to be an error:
- description: "authSource without username is invalid (default mechanism)" uri: "mongodb://localhost/?authSource=foo" valid: false
I think it will be helpful to also include tests that specify auth source and no username for other mechanisms, since the auth spec allows username to be omitted for some mechanisms:
username (string)
Applies to all mechanisms.
Optional for MONGODB-X509 and MONGODB-IAM.
For example, I propose adding the following test:
- description: "authSource without username is valid for $external" uri: "mongodb://localhost/?authSource=$external" valid: true credential: source: "$external"
- depends on
-
CDRIVER-3618 Add tests for allowed cases when authSource is given but username is not
- Backlog
-
CXX-1992 Add tests for allowed cases when authSource is given but username is not
- Backlog
-
CSHARP-3060 Add tests for allowed cases when authSource is given but username is not
- Closed
-
GODRIVER-1577 Add tests for allowed cases when authSource is given but username is not
- Closed
-
JAVA-3698 Add tests for allowed cases when authSource is given but username is not
- Closed
-
MOTOR-534 Add tests for allowed cases when authSource is given but username is not
- Closed
-
NODE-2563 Add tests for allowed cases when authSource is given but username is not
- Closed
-
PHPC-1591 Add tests for allowed cases when authSource is given but username is not
- Closed
-
PYTHON-2203 Add tests for allowed cases when authSource is given but username is not
- Closed
-
RUST-357 Add tests for allowed cases when authSource is given but username is not
- Closed
-
RUBY-2217 Add tests for allowed cases when authSource is given but username is not
- Closed
- related to
-
DRIVERS-796 Lift restriction on authSource without credentials
- Implementing