[JAVA-4290] Speculative authentication always uses admin as the source Created: 06/Sep/21  Updated: 28/Oct/23  Resolved: 07/Sep/21

Status: Closed
Project: Java Driver
Component/s: Security
Affects Version/s: None
Fix Version/s: 4.3.2

Type: Bug Priority: Major - P3
Reporter: Ross Lawley Assignee: Ross Lawley
Resolution: Fixed Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
duplicates JAVA-4286 When we have two users with the same ... Closed
Case:

 Description   

Speculative authentication always uses "admin" as the source.

In certain circumstances this can lead to a Attempt to switch database target during SASL authentication error when using a non admin auth source and duplicated usernames.



 Comments   
Comment by Githook User [ 07/Sep/21 ]

Author:

{'name': 'Ross Lawley', 'email': 'ross.lawley@gmail.com', 'username': 'rozza'}

Message: Ensure speculative auth uses the credentials auth source. (#781)

JAVA-4290
Branch: 4.3.x
https://github.com/mongodb/mongo-java-driver/commit/88db1a2d7622f6ca0369605961d5c2e4cd2dd518

Comment by Githook User [ 07/Sep/21 ]

Author:

{'name': 'Ross Lawley', 'email': 'ross.lawley@gmail.com', 'username': 'rozza'}

Message: Ensure speculative auth uses the credentials auth source. (#781)

JAVA-4290
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/852a9fb8ce1483beb68bd93f4605a00672719572

Generated at Thu Feb 08 09:01:42 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.