[JAVA-2510] Cache SCRAM-SHA-1 ClientKey Created: 05/May/17  Updated: 29/Oct/23  Resolved: 12/Apr/18

Status: Closed
Project: Java Driver
Component/s: Security
Affects Version/s: None
Fix Version/s: 3.8.0

Type: New Feature Priority: Major - P3
Reporter: Rathi Gnanasekaran Assignee: Ross Lawley
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by DRIVERS-343 Cache SCRAM ClientKey Closed
Case:

 Description   

SCRAM-SHA-1, by design, consumes a great deal of CPU resources while performing authentication. This can be a problem while populating connection pools, where many clients are authenticating at once. Fortunately, most of the expensive computations of SCRAM can be reused across multiple authentication requests. RFC 5802 makes provisions for this:

Note that a client implementation MAY cache ClientKey&ServerKey (or just SaltedPassword) for later reauthentication to the same service, as it is likely that the server is going to advertise the same salt value upon reauthentication. This might be useful for mobile clients where CPU usage is a concern.



 Comments   
Comment by Githook User [ 12/Apr/18 ]

Author:

{'email': 'ross.lawley@gmail.com', 'name': 'Ross Lawley', 'username': 'rozza'}

Message: SCRAM-SHA Client & Server Key cache

JAVA-2510
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/258807ecba22b1e755e7b1f11f6a9f8798584bb0

Comment by Ross Lawley [ 01/Mar/18 ]

PR: https://github.com/rozza/mongo-java-driver/pull/256

Generated at Thu Feb 08 08:57:24 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.