Details
-
Task
-
Resolution: Fixed
-
Major
-
None
-
DOC-2020-S17-Sep06
-
1
Description
When using PLAIN mechanism to pass LDAP credentials from the client and the Couchbase Server has external authentication enabled user may get Authentication Failure if TLS is not used in the client. This is because, by default, when TLS is not used, PLAIN authentication is disabled in .Net SDK version 3.0 because it is insecure as user credentials will be sent over unencrypted.
To force the SASL PLAIN to be used, one needs to use `TLS`/`SSL` by installing the certificate and then enabling TLS/SSL.
var options = new ClusterOptions{ |
EnableTls = true |
};
|
|
var cluster = await Cluster.ConnectAsync(options);
|
Enabling TLS is required as it creates a secure tunnel through which PLAIN passwords can be sent securely.
I feel this should be documented in our documentation for Managing Connections using the .NET SDK with Couchbase Server.