Skip to content

Enable combined MongoDB URI and username/password properties usage #44712

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
mp911de opened this issue Mar 13, 2025 · 1 comment
Open

Enable combined MongoDB URI and username/password properties usage #44712

mp911de opened this issue Mar 13, 2025 · 1 comment
Labels
status: waiting-for-triage An issue we've not yet triaged

Comments

@mp911de
Copy link
Member

mp911de commented Mar 13, 2025

When configuring MongoDB authentication, the configuration needs to happen either through the URI or through individual properties. Specifying spring.data.mongodb.uri ignores spring.data.mongodb.username and spring.data.mongodb.password properties as we assume the ConnectionString encapsulates all details.

In cases where endpoint config is provided with through an URL but authentication should be provided through properties (e.g. Vault, external property sources), it is not possible to do so.

In other areas, such as JDBC, some drivers can accept authentication as part of the JDBC URL and username/password properties are considered additionally.

Ideally, when both, URI and authentication, are configured, spring.data.mongodb.username overrides what is specified through the connection string.

Related tickets:
@mp911de mp911de mentioned this issue Mar 13, 2025
Closed
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Mar 13, 2025
@wilkinsona
Copy link
Member

wilkinsona commented Mar 13, 2025
edited
Loading

In other areas, such as JDBC, some drivers can accept authentication as part of the JDBC URL and username/password properties are considered additionally.

A key difference here is that there are different number of targets in each case. With Mongo, we're using the properties to create only a ConnectionString. With a JDBC DataSource, we're using the properties to configure, for example, Hikari's jdbcUrl, username, and password.

Ideally, when both, URI and authentication, are configured, spring.data.mongodb.username overrides what is specified through the connection string

I'm not sure that is ideal, at least not for everyone. We know that some users rely on the current behavior where they can use host, port, username, and password properties in some situations and then override them all with the uri property. spring.data.mongodb.username overiding the credentials in spring.data.mongdb.uri would be a breaking change for them.

We can perhaps revisit this for 4.0 but I cannot see a way to please all of the people all of the time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: waiting-for-triage An issue we've not yet triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@wilkinsona @mp911de @spring-projects-issues