-
Type: Improvement
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Auth
-
None
Per RFC5802:
Note that a client implementation MAY cache ClientKey&ServerKey (or just SaltedPassword) for later reauthentication to the same service, as it is likely that the server is going to advertise the same salt value upon reauthentication. This might be useful for mobile clients where CPU usage is a concern.
We should use the hash name as part of the cache key, for future compatibility if / when we add some new version of SCRAM.
- is depended on by
-
DRIVERS-343 Cache SCRAM ClientKey
- Closed
-
MOTOR-167 Cache SCRAM-SHA-1 ClientKey
- Closed
- related to
-
PYTHON-1609 Calling Database.authenticate more than once with the same credentials results in OperationFailure
- Closed
-
PYTHON-1613 Authentication fails when SCRAM-SHA-1 is used to authenticate users with only MONGODB-CR credentials
- Closed