Skip to content

Improve support for connections without auth (Final PR for 1.14.0) #629

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
anderson4j merged 3 commits into from
Jan 8, 2026
Merged

Improve support for connections without auth (Final PR for 1.14.0) #629

anderson4j merged 3 commits into from
Jan 8, 2026

Conversation

@anderson4j
Copy link
Collaborator

@anderson4j anderson4j commented Jan 7, 2026
edited
Loading

Before we had validation that the user/password was non-empty. This doesn't really make sense for users that have turned off authentication (setting dbms.security.auth_enabled to false in the conf). They then had to input some gibberish password just to get past validation (if they figured this out) and would then be able to proceed whatever the password was (as long as it wasn't empty)

Since we anyway get a reasonable message when a user tries and fails to connect with incorrect password/user (including empty) when auth is activated on the db, I think this check is not needed.

One thing though is that the user is included in the connection-name of the connection like:
<Display name> [<**user**>@<scheme><host>:<port>]

But since we can pass any user/password when auth is off, we will always succesfully connect (if scheme/host/port is correct) and can then pass any username and it will be displayed in the connection-name. I suppose we could do a comparison to SHOW CURRENT USER and remove the "gibberish-username" once the connection is established, but I think it's quite a messy solution for such a small issue (that the user shouldnt cause if they know what they are doing). So maybe we let it be?

Actually, thinking more of it, I think the way it is makes sense. We are indeed trying to use this user to connect, so if the server turns on auth this is the user that would validated against

Fixes #596
Closes LS-92

@changeset-bot
Copy link

changeset-bot bot commented Jan 7, 2026
edited
Loading

⚠️ No Changeset found

Latest commit: bae301d

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@anderson4j anderson4j changed the title Improve support for connections without auth Improve support for connections without auth (Final PR for 1.14.0) Jan 8, 2026
@anderson4j anderson4j merged commit d72dda9 into main Jan 8, 2026
8 checks passed
@anderson4j anderson4j deleted the connectionOptionalAuth branch January 8, 2026 14:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@OskarDamkjaer OskarDamkjaer OskarDamkjaer approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Cannot add database connection without authentication

3 participants

@anderson4j @OskarDamkjaer