[CXX-401] SCRAM-SHA-1 should be used in when max wire version is greater than or equal to 3 Created: 07/Nov/14  Updated: 13/Nov/14  Resolved: 10/Nov/14

Status: Closed
Project: C++ Driver
Component/s: Implementation
Affects Version/s: None
Fix Version/s: legacy-1.0.0-rc2

Type: Bug Priority: Blocker - P1
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Done Votes: 0
Labels: legacy-cxx
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to CXX-384 Handle auth mechanism defaulting and ... Closed

 Description   

Under wire version 3, the current wire version, servers have two operation modes. If it's a partly upgraded server, with users created with MONGODB-CR, it will operate in a compatibility mode which, with some overhead, will allow users to connect using SCRAM to those accounts. If the server has been completely upgraded, and all users have been migrated to native SCRAM, or the server has been freshly brought up on 2.8, then it will only accept incoming authentication requests using SCRAM. MONGODB-CR requests will be denied.

Currently, we only use SCRAM when the max wire version of the server is greater than 3. This means we will currently always use MONGODB-CR when connecting to a 2.8 server. If the user has not manually specified an authentication mechanism, as in the auth method which accepts the username and password as strings, we should default to using SCRAM for wire version >= 3, and allow the server to sort out how to handle it.



 Comments   
Comment by Githook User [ 10/Nov/14 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: CXX-401 Use SCRAM for wire version 3
Branch: legacy
https://github.com/mongodb/mongo-cxx-driver/commit/f9fa0ca37de79216b10e76f9788c2b7db8ea530f

Comment by Spencer Jackson [ 07/Nov/14 ]

https://github.com/mongodb/mongo-cxx-driver/pull/199

Generated at Wed Feb 07 21:59:06 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.