|
MongoDB 3.4 will automatically extract the username from the provided certificate, so the authenticate command no longer requires it.
See the recent update to the spec:
https://github.com/mongodb/specifications/commit/964a8aa571040208bd5e5443241b3bb628fb535f
Validation requirements:
- When connected to MongoDB 3.4:
- You MUST NOT raise an error when the application only provides an X.509 certificate and no username.
- If the application does not provide a username you MUST NOT send a username to the server.
- If the application provides a username you MUST send that username to the server.
- When connected to MongoDB 3.2 or earlier:
- You MUST send a username to the server.
- If no username is provided by the application, you MAY extract the username from the X.509 certificate instead of requiring the application to provide it.
- If you choose not to automatically extract the username from the certificate you MUST error when no username is provided by the application.
|