DOCSP-13829 authentication mechanism #18
Conversation
source/fundamentals/auth.txt
Outdated
| - MongoDB 3.0, 3.2, 3.4, and 3.6 | ||
|
|
||
| * - ``MONGODB-CR`` | ||
| - MongoDB 3.6 and earlier |
There was a problem hiding this comment.
I believe this should be 2.6 and earlier.
There was a problem hiding this comment.
hm, I found the mention in the server manual release notes and it says it was depreciated as of 3.6 -- maybe the edit is "earlier than MongoDB 3.6"?
There was a problem hiding this comment.
I'm not super familiar with default authentication mechanisms on the server, but if MONGODB-CR is 3.6 and earlier, is the default on 3.0 through 3.6 SCRAM-SHA-1 or MONGODB-CR?
There was a problem hiding this comment.
Based on chooseAuthMechanism it looks like we pick SCRAM-SHA-256 if it's supported, falling back to SCRAM-SHA-1 if not, and finally to MONGODB-CR if neither is supported.
There was a problem hiding this comment.
The link you provided contains /x, which I was told is experimental and not for public use.
There was a problem hiding this comment.
As discussed offline: most of our authentication logic is "unstable" API and is therefore under /x. I wouldn't point to code under /x in documentation, but I was just linking to that code here to explain how the Go driver actually picks the "default" auth mechanism.
|
Hi @kevinAlbs, This PR is ready for review. |
source/fundamentals/auth.txt
Outdated
| - MongoDB 3.0, 3.2, 3.4, and 3.6 | ||
|
|
||
| * - ``MONGODB-CR`` | ||
| - MongoDB 3.6 and earlier |
There was a problem hiding this comment.
I'm not super familiar with default authentication mechanisms on the server, but if MONGODB-CR is 3.6 and earlier, is the default on 3.0 through 3.6 SCRAM-SHA-1 or MONGODB-CR?
source/fundamentals/auth.txt
Outdated
| - MongoDB 3.0, 3.2, 3.4, and 3.6 | ||
|
|
||
| * - ``MONGODB-CR`` | ||
| - MongoDB 3.6 and earlier |
There was a problem hiding this comment.
Based on chooseAuthMechanism it looks like we pick SCRAM-SHA-256 if it's supported, falling back to SCRAM-SHA-1 if not, and finally to MONGODB-CR if neither is supported.
source/fundamentals/auth.txt
Outdated
| @@ -72,7 +73,7 @@ mechanisms depending on what MongoDB versions your server supports: | |||
| - MongoDB 3.0, 3.2, 3.4, and 3.6 | |||
|
|
|||
| * - ``MONGODB-CR`` | |||
| - MongoDB 3.6 and earlier | |||
| - MongoDB 3.6 and earlier if the server doesn't support``SCRAM-SHA-1`` | |||
There was a problem hiding this comment.
This still isn't correct. This table is for the default it looks like. MongoDB 3.0 changed the default from MongoDB-CR to SCRAM-*.
|
As discussed offline: while I do believe you can explicitly specify |
Pull Request Info
Added Fundamentals > Authentication Mechanisms page
Utilized snippets from Go driver repo: https://github.com/mongodb/mongo-go-driver/blob/master/mongo/client_examples_test.go
Based the format off of the Node and Java Auth Mechanism pages.
Issue JIRA link:
https://jira.mongodb.org/browse/DOCSP-13829
Docs staging link (requires sign-in on MongoDB Corp SSO):
https://docs-mongodbcom-staging.corp.mongodb.com/golang/docsworker-xlarge/DOCSP-13829-AuthMechanisms/fundamentals/auth/
Self-Review Checklist