Details
-
Bug
-
Resolution: Fixed
-
None
-
None
Description
I have recently learned that once LDAP user authentication is enabled, the server expects Java clients to use TLS by default. Clients not using TLS have to make use of appropriate clusterOptions in Cluster.connect() calls.
See https://issues.couchbase.com/browse/CBSE-8172 and https://issues.couchbase.com/browse/JVMCBC-826 for details.
I haven't tested the behavior with non-Java SDKs, therefore I can't comment on that.
My request is that a generic caution like the following be added in this document.
Once LDAP user authentication is enabled, it will be best if the SDK clients start using TLS. Otherwise, they may have to refactor the Cluster.connect() code for logging in using LDAP users and non-LDAP users.