Ignore credentials in secure connect bundle [DataStax Astra]

Description

Currently, the Java driver falls back to the config json credentials if they are present, even if the user provided their own credentials.

The Astra secure connect bundle no longer has the credentials in config.json due to it being considered a security vulnerability so we should completely ignore those fields in the config.json.

Environment

None

Pull Requests

None

Activity

Show:
Erik Merkle
July 22, 2020, 4:07 PM

At the risk of potentially creating more problems, do we want to consider a log if the driver detects username/password in the bundle?

Fixed

Assignee

Tomasz Lelek

Reporter

Alexandre Dutra

Labels

None

PM Priority

None

Affects versions

None

Fix versions

Doc Impact

None

Size

None

External issue ID

None

External issue ID

None

Reviewer

Alexandre Dutra

Priority

Major
Configure