Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-8157

Server should allow multiple users stored in the same database to authenticate on the same connection



    • Type: Improvement
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Won't Fix
    • Affects Version/s: 2.3.2
    • Fix Version/s: None
    • Component/s: Security
    • Labels:
    • Backwards Compatibility:
      Minor Change


      The server currently only allows you to authenticate one user at a time from a given database per connection. Now that we support storing users in one database and granting them access to other databases, here's a reasonable use case:

      1. I create users "X" and "Y" in the "users" database
      2. I grant "X" access to some databases
      3. I grant "Y" access to some other databases
      4. I want to authenticate as both "X" and "Y" on the same connection to get access to both sets of databases

      This is in contradiction to SERVER-8144 which requests that logging on as "Y" (after "X") will automatically log off "X". But I think the behavior being requested in this JIRA is more logical and useful.

      A related change would be that the logout command should have an additional parameter called "username".

      This would be slightly backward breaking if a program was counting on the previous behavior, but only in the sense that they would have slightly more privileges than if "X" was automatically logged out.


          Issue Links



              • Votes:
                1 Vote for this issue
                6 Start watching this issue


                • Created: