-
Type: Improvement
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: None
-
None
Description of Drivers Ticket:
https://jira.mongodb.org/browse/SPEC-1270 added an auth spec test which specified auth source and no username, requiring this to be an error:
- description: "authSource without username is invalid (default mechanism)" uri: "mongodb://localhost/?authSource=foo" valid: false
I think it will be helpful to also include tests that specify auth source and no username for other mechanisms, since the auth spec allows username to be omitted for some mechanisms:
username (string)
Applies to all mechanisms.
Optional for MONGODB-X509 and MONGODB-IAM.
For example, I propose adding the following test:
- description: "authSource without username is valid for $external" uri: "mongodb://localhost/?authSource=$external" valid: true credential: source: "$external"
See DRIVERS-949 for updated details.
- is depended on by
-
DRIVERS-949 Add tests for allowed cases when authSource is given but username is not
- Implementing
- is related to
-
RUST-479 Lift restriction on authSource without credentials
- Closed