Uploaded image for project: 'Node Driver'
  1. Node Driver
  2. NODE-1674

Fix auth workflow with regards to auth mechanism resolution

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.2.0
    • Component/s: auth, core
    • Labels:
      None

      Description

      See this comment .

      • If you do not provide a mechanism, or if you say "default" we need do to mechanism negotiation. As of MongoDB 4.0, this requires an ismaster to get saslSupportedMechs
      • For mechanism negotiation to work, we need to have credentials available at the time of topology connect, which happens before the actual auth call. This way, we can add the saslSupportedMechs field to the first outgoing ismaster
      • At the same time, there is legacy support for authenticating on connect, where you pass credentials in to the initial connect call, and immediately auth. This is a problem, since the credentials have not been mechanism negotiated yet, so they will still say default.

      Lets find a way to do this that is neater

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: