Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-8157

Server should allow multiple users stored in the same database to authenticate on the same connection

    • Type: Icon: Improvement Improvement
    • Resolution: Won't Fix
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: 2.3.2
    • Component/s: Security
    • Labels:
    • Minor Change

      The server currently only allows you to authenticate one user at a time from a given database per connection. Now that we support storing users in one database and granting them access to other databases, here's a reasonable use case:

      1. I create users "X" and "Y" in the "users" database
      2. I grant "X" access to some databases
      3. I grant "Y" access to some other databases
      4. I want to authenticate as both "X" and "Y" on the same connection to get access to both sets of databases

      This is in contradiction to SERVER-8144 which requests that logging on as "Y" (after "X") will automatically log off "X". But I think the behavior being requested in this JIRA is more logical and useful.

      A related change would be that the logout command should have an additional parameter called "username".

      This would be slightly backward breaking if a program was counting on the previous behavior, but only in the sense that they would have slightly more privileges than if "X" was automatically logged out.

            Unassigned Unassigned
            robert@mongodb.com Robert Stam
            1 Vote for this issue
            6 Start watching this issue