[SERVER-62476] Improve error message for unsupported SCRAM mechanism when authenticating with local.__system user Created: 10/Jan/22 Updated: 27/Mar/23 Resolved: 27/Mar/23 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Adam Rayner | Assignee: | Brad Moore |
| Resolution: | Cannot Reproduce | Votes: | 0 |
| Labels: | neweng | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Assigned Teams: |
Server Security
|
| Sprint: | Security 2023-04-03 |
| Participants: |
| Description |
|
“AuthenticationFailed: It is not possible to authenticate as the __system user on servers started without a --keyFile parameter”
We should improve the error message to be less confusing by failing the request earlier, e.g. in this block:
|
| Comments |
| Comment by Brad Moore [ 27/Mar/23 ] | ||||||
|
currently, starting a server without SCRAM-SHA-1 as an accepted authentication mechanism produces the correct error message if a connection attempt is made using SCRAM-SHA-1:
client:
server log:
|