[DRIVERS-568] Make some unauthenticated commands require auth Created: 24/Aug/18  Updated: 10/Sep/19  Resolved: 10/Sep/19

Status: Closed
Project: Drivers
Component/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Gregory McKeon (Inactive) Assignee: Unassigned
Resolution: Won't Fix Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on SERVER-12143 Make some unauthenticated commands re... Closed

 Description   

There are currently 19 commands that do not require authentication. Several of these commands has no use case before an successful authentication has been performed.

To reduce the unauthenticated API surface without introducing any complexity into the auth system we should introduce commands that require authentication but not authorization.

The following commands should only be runnable after a successful authentication (with any user, even a user with no roles):
availableQueryOptions, buildinfo, copydbgetnonce, features, forceerror, getoptime, isdbgrid, isMaster*, listCommands, logout, whatsmyuri

*isMaster is used by several drivers before performing any authentication so this change will require driver adoption.

The following commands should be kept as they are:
_isSelf, authenticate, connectionStatus, getLastError, getnonce, getPrevError, ping, resetError



 Comments   
Comment by Rathi Gnanasekaran [ 10/Sep/19 ]

Closing ticket with same resolution as parent server ticket.

Comment by Jeffrey Yemin [ 31/Aug/18 ]

Note that putting buildInfo behind auth will require changes to Java and .NET drivers which may introduce compatibility issues.

Generated at Thu Feb 08 08:21:50 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.