|
This ticket would have helped in figure out which commands are not supposed to require auth for SERVER-34820.
spencer.jackson did some git-fu and came up with this list of commands "which explicitly set requiresAuth to return false, and so may be run by unauthenticated clients":
- saslStart
- saslContinue
- authenticate
- getnonce
- connectionStatus
- buildInfo
- ping
- listCommands (but we rather it weren't per SERVER-35482)
- resetError
- getLastError
- getPrevError
- shutdown (but still has an auth check)
- ismaster
- whatsmyuri (internal)
- _isSelf (internal)
And the test only commands that don't require auth:
- configureFailPoint
- echo
- refreshLogicalSessionCacheNow
- waitForOngoingChunkSplits
|