Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-41152

A space in the authenticationMechanisms string should produce at least a warning message

    XMLWordPrintable

    Details

    • Backwards Compatibility:
      Fully Compatible
    • Backport Requested:
      v4.2, v4.0
    • Sprint:
      Security 2019-06-03, Security 2019-06-17, Security 2019-07-01
    • Case:

      Description

      The security.authenticationMechanisms parameter (as documented here) requires that "If you specify multiple values, use a comma-separated list and no spaces."

      If you put a space like for example:

      authenticationMechanisms: "SCRAM-SHA-256, GSSAPI"
      

      SCRAM-SHA-256 will be enabled and GSSAPI not in a silent way. This can trick users and who needs to troubleshoot this.

      It would be nice to have a warning message that warns you that you have a space in the authenticationMechanisms parameter string and all the auth mechanisms specified may have not been enabled because of that.

        Attachments

          Activity

            People

            • Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: