Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-44777

The old bucket 'sasl_password' should be effectively removed



    • Untriaged
    • 1
    • Unknown


      The old bucket sasl_password is no longer needed or used and should be effectively removed.

      I say "effectively removed" as I think the most reasonable way to remove it for now is just set it to the empty string on upgraded clusters. (Removing it entirely is likely to break a bunch of tests, and I think we can do that work later.) In summary, I think the work should be:

      • when the sasl_password is set to some non-empty string when a bucket is created, just silently set it to an empty string (it's can't be used for anything anyway - it certainly doesn't allow you access the bucket, so there's no harm in silently ignoring it)
      • on upgraded clusters, as part of the online upgrader we should set the password to the empty string

      In the long distant past the bucket password did grant one access to the bucket, but that is true no longer - ever since 5.0 the only way to access a bucket was via user credentials. Moxi used the bucket password, but this is no longer supported. XDCR used in 4.6; but again no longer. And certain CLI / backup commands used it too back in 4.6. Nonetheless, we should probably release note this change.


        Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.



              steve.watanabe Steve Watanabe
              dfinlay Dave Finlay
              0 Vote for this issue
              17 Start watching this issue