[JAVA-828] Support SASL SCRAM-SHA1 authentication Created: 17/May/13  Updated: 27/May/22  Resolved: 14/Aug/14

Status: Closed
Project: Java Driver
Component/s: Authentication
Affects Version/s: None
Fix Version/s: 2.13.0, 3.0.0

Type: New Feature Priority: Major - P3
Reporter: Jeffrey Yemin Assignee: Craig Wilson
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on SERVER-7596 Support SCRAM-SHA-1 SASL Mechanism Closed
is depended on by DRIVERS-166 Implement the SCRAM-SHA-1 SASL Mechanism Closed
Server Compat: 2.7

 Description   

Server 2.8 will be implementing SCRAM-SHA-1 as a new authentication mechanism. Eventually, it will become the default mechanism and MONGODB-CR will be deprecated and removed.

As such, the Java driver will need to support SCRAM-SHA-1 for the 2.8 release. RFC 5802 describes the mechanism and how it should be implemented.



 Comments   
Comment by Githook User [ 30/Jan/15 ]

Author:

{u'username': u'craiggwilson', u'name': u'Craig Wilson', u'email': u'craiggwilson@gmail.com'}

Message: JAVA-828: support for SCRAM-SHA-1.
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/3f13c93de86317dcb47f6625bbd27f9f06c494c2

Comment by Jeffrey Yemin [ 29/Jan/15 ]

2.13.0 has been released. Closing issue.

Comment by Githook User [ 14/Aug/14 ]

Author:

{u'username': u'craiggwilson', u'name': u'Craig Wilson', u'email': u'craiggwilson@gmail.com'}

Message: JAVA-828: support for SCRAM-SHA-1.
Branch: 3.0.x
https://github.com/mongodb/mongo-java-driver/commit/3f13c93de86317dcb47f6625bbd27f9f06c494c2

Comment by Githook User [ 13/Aug/14 ]

Author:

{u'username': u'craiggwilson', u'name': u'Craig Wilson', u'email': u'craiggwilson@gmail.com'}

Message: JAVA-828: added support for SCRAM-SHA-1
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/888ace669803cb43c07f86769a9722210f84cee6

Comment by Jeffrey Yemin [ 01/Aug/14 ]

Note, this can go on master and be part of 2.13, so long as it's noted that it will only work with 2.8.

Comment by Jeffrey Yemin [ 18/Jul/14 ]

http://stackoverflow.com/questions/992019/java-256-bit-aes-password-based-encryption indicates that the Java driver implementation will not work with Java 5 with the default security provider (though probably could be made to work with Bouncycastle).

Generated at Thu Feb 08 08:53:10 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.