DOCSP-15529 deprecates authentication as multiple simultaneous users

Author: jmd-mongo

source/includes/fact-authenticate.rst

@@ -16,14 +16,5 @@ To authenticate using the :binary:`~bin.mongo` shell, either:
   :method:`db.auth()` method against the :ref:`authentication database
   <mongo-shell-authentication-options>`.
 
-  .. important::
-
-     Authenticating multiple times as different users does **not** drop
-     the credentials of previously-authenticated users. This may lead to
-     a connection having more permissions than intended by the user, and
-     causes operations within a
-     :doc:`logical session </reference/server-sessions>` to raise an
-     error.
-
 For examples of authenticating using a MongoDB driver, see the
 `driver documentation <https://docs.mongodb.com/ecosystem/drivers/>`__.

source/reference/command/logout.txt

@@ -12,6 +12,13 @@ logout
 
 .. dbcommand:: logout
 
+   .. deprecated:: 5.0
+
+   Attempting to use the :dbcommand:`logout` command will write an 
+   error message to the log once per logout attempt.
+   
+   This command will be removed in a future release.   
+
    The :dbcommand:`logout` command terminates the current
    authenticated session:
 
@@ -33,3 +40,4 @@ logout
       .. code-block:: javascript
 
          db.runCommand( { logout: 1 } )
+

source/reference/command/nav-authentication.txt

@@ -30,7 +30,7 @@ Authentication Commands
 
    * - :dbcommand:`logout`
 
-     - Terminates the current authenticated session.
+     - *Deprecated*. Terminates the current authenticated session.
 
 
 .. toctree::

source/reference/method.txt

@@ -503,7 +503,7 @@ Database
 
    * - :method:`db.logout()`
 
-     - Ends an authenticated session.
+     - *Deprecated*. Ends an authenticated session.
 
    * - :method:`db.printCollectionStats()`
 

source/reference/method/db.logout.txt

@@ -12,6 +12,13 @@ db.logout()
 
 .. method:: db.logout()
 
+   .. deprecated:: 5.0
+   
+   Attempting to use the :method:`db.logout()` method will write an 
+   error message to the log once per logout attempt.
+
+   This method will be removed in a future release.
+
    Ends the current authentication session. This function has no effect
    if the current session is not authenticated.
 

source/reference/method/js-database.txt

@@ -130,7 +130,7 @@ Database Methods
 
    * - :method:`db.logout()`
 
-     - Ends an authenticated session.
+     - *Deprecated*. Ends an authenticated session.
 
    * - :method:`db.printCollectionStats()`
 

source/release-notes/5.0-compatibility.txt

@@ -260,6 +260,16 @@ General Changes
 - MongoDB 5.0 removes the ``--serviceExecutor`` command-line option and
   the corresponding ``net.serviceExecutor`` configuration option.
 
+- Starting in MongoDB 5.0, you may not authenticate as multiple 
+  simultaneous users on the same client session if the 
+  :option:`--apiStrict` option is set. Attempting to 
+  authenticate as a new user while currently logged in as an existing 
+  user when the :option:`--apiStrict` option is set will generate an 
+  error message once per authentication attempt. If you are not using
+  the :option:`--apiStrict` option, authenticating as a new user while
+  currently logged in as an existing user will write a warning to the 
+  log once per authentication attempt.
+
 Deprecations
 ~~~~~~~~~~~~
 
@@ -276,6 +286,17 @@ Deprecations
 
   .. include:: /includes/deprecated-rs.printSlaveReplicationInfo.rst
 
+- :dbcommand:`logout`
+ 
+  *Deprecated in version 5.0:* Disconnect from the server to end your 
+  session instead.
+  
+- :method:`db.logout()`
+
+  *Deprecated in version 5.0:* Disconnect from the server to end your 
+  session instead.
+
+
 .. _5.0-compatibility-enabled:
 
 5.0 Feature Compatibility