-
Type: Task
-
Resolution: Unresolved
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: None
-
Labels:None
-
Server Security
It's now possible for up to 3 different authentication mechanisms to be used on the `$external` database for authorization - OIDC, LDAP, and X.509. After SERVER-73208, OIDC access tokens will be able to be used for authentication only and derive roles from other sources (mostly internal user documents, but also potentially LDAP roles).
We should consider adding a test that ensures that a server can be configured with various combinations of authentication mechanisms and authorization backends and handle them appropriately.