Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-8801

Support multiple concurrent authentication requests on a single connection.



    • Type: Improvement
    • Status: Open
    • Priority: Minor - P4
    • Resolution: Unresolved
    • Affects Version/s: 2.4.0-rc1
    • Fix Version/s: Backlog
    • Component/s: Security
    • Labels:
    • Environment:


      With the upgraded security features in 2.4, specifically delegating authentication credentials to different databases/sources, all drivers must now ensure that all credentials provided by the application are asserted for each connection prior to submitting any application requests. The driver has lost visibility into what requests need which credentials.

      Prior to the delegate credentials drivers could lazy interleave authentication request between other messages and simply ensure that the database a user was accessing already had its credentials asserted on the connection. Using this model the driver only had to assert a single set of credentials before using the connection for the application's requests.

      In the new security world, it should be possible for the drivers to pipeline the all of the commands to start all of the credential assertions and then handle the responses to the requests as they are returned from the server. This could significantly reduce the initial connection latency when there is a large number of credentials to assert or there is a high latency connection from the client to the server.

      Currently the ClientBasic only supports a single AuthenticationSession making pipelined authentication requests impossible as each authentication start message clobbers the previous start. This should be changed to maintain a set of AuthenticationSessions.




            • Votes:
              0 Vote for this issue
              7 Start watching this issue


              • Created: