When configuring MongoDB authentication, the configuration needs to happen either through the URI or through individual properties. Specifying spring.data.mongodb.uri ignores spring.data.mongodb.username and spring.data.mongodb.password properties as we assume the ConnectionString encapsulates all details.

In cases where endpoint config is provided with through an URL but authentication should be provided through properties (e.g. Vault, external property sources), it is not possible to do so.

In other areas, such as JDBC, some drivers can accept authentication as part of the JDBC URL and username/password properties are considered additionally.

Ideally, when both, URI and authentication, are configured, spring.data.mongodb.username overrides what is specified through the connection string.

Related tickets:

• 43851

• 37100

• 17215

Comment From: wilkinsona

In other areas, such as JDBC, some drivers can accept authentication as part of the JDBC URL and username/password properties are considered additionally.

A key difference here is that there are different number of targets in each case. With Mongo, we're using the properties to create only a ConnectionString. With a JDBC DataSource, we're using the properties to configure, for example, Hikari's jdbcUrl, username, and password.

Ideally, when both, URI and authentication, are configured, spring.data.mongodb.username overrides what is specified through the connection string

I'm not sure that is ideal, at least not for everyone. We know that some users rely on the current behavior where they can use host, port, username, and password properties in some situations and then override them all with the uri property. spring.data.mongodb.username overiding the credentials in spring.data.mongdb.uri would be a breaking change for them.

We can perhaps revisit this for 4.0 but I cannot see a way to please all of the people all of the time.